General

  • Target

    a5f78e5ba84cd493058bf9bcfd9ad5a1a69a8b7227c5ddf6608d9f3554142c2f

  • Size

    394KB

  • Sample

    241110-wza4rs1qdy

  • MD5

    7a164a0d5cdc354a2da0131b33a336ca

  • SHA1

    5e3c493166af15b1b67399e1d5928defda78e5cf

  • SHA256

    a5f78e5ba84cd493058bf9bcfd9ad5a1a69a8b7227c5ddf6608d9f3554142c2f

  • SHA512

    5ea552321f9226b650b79283e807d1537bc98c77549d4c4ef929a911cb30a3784e0641ae4225557ee821df74b926e067f3d4f2b35bdbffe9d0fe37f12cb25ddc

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks