General

  • Target

    6d2d281af8827b72f7ae71d1a5d8456d9a00015afa5b4d51dc97c3546418e5a8

  • Size

    394KB

  • Sample

    241110-tykwga1bpf

  • MD5

    a9ea44f9608abc4cc10abe31485a17b7

  • SHA1

    4a528ab21b8f00369b835766b5fc743124154ae8

  • SHA256

    6d2d281af8827b72f7ae71d1a5d8456d9a00015afa5b4d51dc97c3546418e5a8

  • SHA512

    a111a9b56c1fb9f3b09fdec78642c137024505a416c9c8404ed076c416e51c8d3fbc7299868ab3a3408d5d888e3a34dc679b263bab23902ee6ec08b77558a496

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks