General

  • Target

    59103dc9426ddd96be06decd512d3422d4d6a0bc3a5d8f2d43996b0609fdc985

  • Size

    434KB

  • Sample

    241110-xanh8ssjcx

  • MD5

    1ff0eee20f77f90ae4c80df12c9e26b5

  • SHA1

    537eecf2488009133f67b30f844b2037db38d074

  • SHA256

    59103dc9426ddd96be06decd512d3422d4d6a0bc3a5d8f2d43996b0609fdc985

  • SHA512

    463711c7cbaf7d00abd0b3ade03a22e6e59850e6241a95aaa7355342023a87302d58966df7c4c6e4e51f08c3963c48fcd728ceb960adcd3681c8c420e5353730

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
