General

  • Target

    e5af53001855ed03fc672799a65f3a30841003aec6a465594e6035a254317bbf

  • Size

    433KB

  • Sample

    241110-y5gjvavcle

  • MD5

    b40da72715dddf8642bd4a41fd8099da

  • SHA1

    91ac68c7420e68c10c12be8524d6044d48b551d5

  • SHA256

    e5af53001855ed03fc672799a65f3a30841003aec6a465594e6035a254317bbf

  • SHA512

    9e9c8e5569bba20cbbdd6d23d269538748a5ce3e383b7c2e2db17f42e4bee47d4595aaeeed136741dfcb559b07bf1657cabadaae257f240b96531fd3b39bd8af

  • SSDEEP

    6144:gkzT5Nf9ZbDnOgfq1HjKNi+Hn33b8poHwiMc4oKoN3:fT5XZ+gfqdjKNdHn33bAoHwQ4oKM

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      e5af53001855ed03fc672799a65f3a30841003aec6a465594e6035a254317bbf

    • Size

      433KB

    • MD5

      b40da72715dddf8642bd4a41fd8099da

    • SHA1

      91ac68c7420e68c10c12be8524d6044d48b551d5

    • SHA256

      e5af53001855ed03fc672799a65f3a30841003aec6a465594e6035a254317bbf

    • SHA512

      9e9c8e5569bba20cbbdd6d23d269538748a5ce3e383b7c2e2db17f42e4bee47d4595aaeeed136741dfcb559b07bf1657cabadaae257f240b96531fd3b39bd8af

    • SSDEEP

      6144:gkzT5Nf9ZbDnOgfq1HjKNi+Hn33b8poHwiMc4oKoN3:fT5XZ+gfqdjKNdHn33bAoHwQ4oKM

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks