General

  • Target

    5bafdf46a7408571d3278a223420e295a5848ee325895845aa54d862e7e329ea

  • Size

    252KB

  • Sample

    241110-vq2ppa1dkr

  • MD5

    d4ff99fedc66a004f73fc0bac813d9c7

  • SHA1

    b022d061aa111dbab0b9e44405a0eed37cfcaa92

  • SHA256

    5bafdf46a7408571d3278a223420e295a5848ee325895845aa54d862e7e329ea

  • SHA512

    cacadb13b83d67f0b75fdbf5ddac24412c5a0e8405ac7b5ef7492704b0139171a5adf2e8c9255033252356d551f8c65c8c4be6df4170a2f819f87948089ccc21

  • SSDEEP

    6144:iHL5GYhcaac9d/k1TTLPrg+8D0B4VR+ILuO8lNfunXMhzWyB:wlGgcusTTv0VR+IL+lNfun8lWy

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      5bafdf46a7408571d3278a223420e295a5848ee325895845aa54d862e7e329ea

    • Size

      252KB

    • MD5

      d4ff99fedc66a004f73fc0bac813d9c7

    • SHA1

      b022d061aa111dbab0b9e44405a0eed37cfcaa92

    • SHA256

      5bafdf46a7408571d3278a223420e295a5848ee325895845aa54d862e7e329ea

    • SHA512

      cacadb13b83d67f0b75fdbf5ddac24412c5a0e8405ac7b5ef7492704b0139171a5adf2e8c9255033252356d551f8c65c8c4be6df4170a2f819f87948089ccc21

    • SSDEEP

      6144:iHL5GYhcaac9d/k1TTLPrg+8D0B4VR+ILuO8lNfunXMhzWyB:wlGgcusTTv0VR+IL+lNfun8lWy

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks