General

  • Target

    5c272e8ef5860a2b98665d7837eb44b4c3c7ec47d48142cddafb267a71a25002

  • Size

    434KB

  • Sample

    241110-vtjnaavjen

  • MD5

    adb4bbb1333c7188b882c6547f287312

  • SHA1

    b1a4b8e18089f2cc6c457908f75b80a16a336407

  • SHA256

    5c272e8ef5860a2b98665d7837eb44b4c3c7ec47d48142cddafb267a71a25002

  • SHA512

    18e8a480531836c754eb59dbffb4eaaeeac6925c5f52c6fbec51309e93c3f69fac49080241a7743cb740629c0676b66d6259960b27221db0e3c71cc02188c40e

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
