General

  • Target

    10ef35d06aecd13689694a35e9c182fd1c18ac1fd8aabc9fd14254caef1fff40

  • Size

    433KB

  • Sample

    241110-zaqppstpaz

  • MD5

    64bae7c9f5bceb457e3e172fa337f8b2

  • SHA1

    f7439169aae8f7d3513f816197cebb22c7f5b810

  • SHA256

    10ef35d06aecd13689694a35e9c182fd1c18ac1fd8aabc9fd14254caef1fff40

  • SHA512

    d6e0527923e7b91a52e42deffadd3581819f2ea1a03ded78c168990e85225eae4bf3a4051f99f2201a8f9d97dd754df772d6d5d0ddee68ddc2a2be3987814ca1

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      10ef35d06aecd13689694a35e9c182fd1c18ac1fd8aabc9fd14254caef1fff40

    • Size

      433KB

    • MD5

      64bae7c9f5bceb457e3e172fa337f8b2

    • SHA1

      f7439169aae8f7d3513f816197cebb22c7f5b810

    • SHA256

      10ef35d06aecd13689694a35e9c182fd1c18ac1fd8aabc9fd14254caef1fff40

    • SHA512

      d6e0527923e7b91a52e42deffadd3581819f2ea1a03ded78c168990e85225eae4bf3a4051f99f2201a8f9d97dd754df772d6d5d0ddee68ddc2a2be3987814ca1

    • SSDEEP

      12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks