General

  • Target

    590de6034a7ea0b10a4675174ff5ae36244311d86df3fff4a7592a4c164030b6

  • Size

    432KB

  • Sample

    241110-yjtmaatdqr

  • MD5

    57e2635386d373f8e97025f248583129

  • SHA1

    31296217e56731c4f2c2a401e1aa1bdacb42c49f

  • SHA256

    590de6034a7ea0b10a4675174ff5ae36244311d86df3fff4a7592a4c164030b6

  • SHA512

    d17c9019423fdbd26155d1c47b8595d1610ca9e675f695b19b8495235d6ef333ffc08b7bbc1cc012fcf13ee0ddb6adae178bdd2e6c8f965de8c65fcdcfb8f5a0

  • SSDEEP

    6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      590de6034a7ea0b10a4675174ff5ae36244311d86df3fff4a7592a4c164030b6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
