General

  • Target

    af1150f7bbaa4825c1fc66d17c94bc2e0f0c176a739912ab5905daa1a4f8f897

  • Size

    446KB

  • Sample

    241110-vjxgdstrbm

  • MD5

    5384a1276406a9521c448c70f2ca59d3

  • SHA1

    ba85a79cb0f4437d183455b23172eb4dd13c3b36

  • SHA256

    af1150f7bbaa4825c1fc66d17c94bc2e0f0c176a739912ab5905daa1a4f8f897

  • SHA512

    c59c49b3a33959f56028997e6c7dd1c3b8a85e5cdcde05733e7d5c287dabbfd4a095686897d15d0141eb15f2e1d3b40522cbd8624808ca63cae1eb88c85f54e8

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
