General

  • Target

    2f73a111f38e9f768b538e62477ce50269dfb4c94fea655fd7752d5bf29de180

  • Size

    273KB

  • Sample

    241110-yp4pfatkcx

  • MD5

    3cdb43bb2e4b1cd21f7c7849189e0b21

  • SHA1

    1f6404d9e83f5dad080ef40965496ae446dc14d4

  • SHA256

    2f73a111f38e9f768b538e62477ce50269dfb4c94fea655fd7752d5bf29de180

  • SHA512

    1f474ec67ee3090fcf57597b81760205fa12723f000bc0ee6b87e179a143c6c888c8c456eccaa855b1434e450726385948be75c029d1fd1be07955237e8d6021

  • SSDEEP

    6144:h8qL1OPqNLpBmk+fF1FhLeVLvNE8qifYqui4nB:eqcPqNLLm1FxeV7y8FKzn

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      2f73a111f38e9f768b538e62477ce50269dfb4c94fea655fd7752d5bf29de180

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks