General

  • Target

    8cdd5f642768f5084a6fa8e01ad12ba54d7b77b116022bae087cbd996cabad96

  • Size

    293KB

  • Sample

    241110-y5s8msthpm

  • MD5

    f3e9d30ff1f69be74ed0e1f3ab3c63b1

  • SHA1

    ad619bae971a1c9a19e89528787f28b63b955170

  • SHA256

    8cdd5f642768f5084a6fa8e01ad12ba54d7b77b116022bae087cbd996cabad96

  • SHA512

    a74ffb994eb444eaa5e13b0bebd87e2034ddfe450622cb5fa2e34efa56d4754b2bef43feae1e35610c39ce5a9c28368ffc747ccc0fadb61e20bb3bd5e42fd702

  • SSDEEP

    6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.168:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      8cdd5f642768f5084a6fa8e01ad12ba54d7b77b116022bae087cbd996cabad96

    • Size

      293KB

    • MD5

      f3e9d30ff1f69be74ed0e1f3ab3c63b1

    • SHA1

      ad619bae971a1c9a19e89528787f28b63b955170

    • SHA256

      8cdd5f642768f5084a6fa8e01ad12ba54d7b77b116022bae087cbd996cabad96

    • SHA512

      a74ffb994eb444eaa5e13b0bebd87e2034ddfe450622cb5fa2e34efa56d4754b2bef43feae1e35610c39ce5a9c28368ffc747ccc0fadb61e20bb3bd5e42fd702

    • SSDEEP

      6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks