General

  • Target

    427b715f264413fe810a6cabe587ebc2abcff3f128fcadb13af53f318e978132

  • Size

    434KB

  • Sample

    241110-xbw7rssdqp

  • MD5

    ded7981ceec6138aee59eecc53b7cb4f

  • SHA1

    9f0779d42ebcec7bbdb12a47c702c99b63f64e24

  • SHA256

    427b715f264413fe810a6cabe587ebc2abcff3f128fcadb13af53f318e978132

  • SHA512

    f81d17b173bfaab46bd07044e8edfc069e3091c922dd5672fa1570dc7087707a8c08ac2bbe629c57664701262849ca0b0d9b844039577bcec8c3feecd579c038

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      427b715f264413fe810a6cabe587ebc2abcff3f128fcadb13af53f318e978132

    • Size

      434KB

    • MD5

      ded7981ceec6138aee59eecc53b7cb4f

    • SHA1

      9f0779d42ebcec7bbdb12a47c702c99b63f64e24

    • SHA256

      427b715f264413fe810a6cabe587ebc2abcff3f128fcadb13af53f318e978132

    • SHA512

      f81d17b173bfaab46bd07044e8edfc069e3091c922dd5672fa1570dc7087707a8c08ac2bbe629c57664701262849ca0b0d9b844039577bcec8c3feecd579c038

    • SSDEEP

      6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks