General

  • Target

    1e04620591b6f7a8e092b155056c4b40bc749ddb087dc9b2c1201c73a7ab5714

  • Size

    273KB

  • Sample

    241110-x6z7xateja

  • MD5

    6d724614083a4a9fd31989c36191ff4a

  • SHA1

    7880bf6c30fea243c87837788da35055057cb547

  • SHA256

    1e04620591b6f7a8e092b155056c4b40bc749ddb087dc9b2c1201c73a7ab5714

  • SHA512

    d2f7ce226df0784f61efd5de1a5ccd8be2b28222e7aab9ab29485e87a1742a12ba75a6b128c79bf07083ade9dcdb5e081046f056983fc1cb4994a93af4851f07

  • SSDEEP

    6144:bdqL9TqYimTVI7rSr3n8NJpH0HtDZkuuIgZuUjptNrmCdT6VwLB:ZqJTq0TwQ8NJpH0NFkuyN9frmCde6L

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
