General

  • Target

    b6afd0f6c11a48c0d58701caf90797289b7b7f2b943f42134822f636e6343dac

  • Size

    394KB

  • Sample

    241110-wajdva1fnm

  • MD5

    f4be512baf5421c53c4fb2a16abb88fc

  • SHA1

    cb1e1f9e2230a2edfbdd90fc3dbe43e0d0bcb952

  • SHA256

    b6afd0f6c11a48c0d58701caf90797289b7b7f2b943f42134822f636e6343dac

  • SHA512

    1e74f7e3e681484ead00bc6ba80c18ea41cedbbd00f06b363eeaef5286c79ee7bdf491f1df5a174ca8c57a53cc4d83acae16cd9f5c6089b70cb5665333c92aa4

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
