General

  • Target

    f9f1d3d08abe0ac07cf032d5eb03a15e1d46dc5aeb3d9d8d795ea65ff33b57cc

  • Size

    446KB

  • Sample

    241110-zyt22aykek

  • MD5

    253d804f716262301702bd5df2683ced

  • SHA1

    0be3ffec4ef962af08540b0654d11e005c3f1da0

  • SHA256

    f9f1d3d08abe0ac07cf032d5eb03a15e1d46dc5aeb3d9d8d795ea65ff33b57cc

  • SHA512

    828f7472559b3c7e1d851e31a334db503659f2b6241110bccc7c62ebe782811cb81f8c7c3aca0bef5bafc1ea8e68712a750306d495ecd60103e6e7ed0f8c3a7d

  • SSDEEP

    12288:S8ejRy6JaJelQM6uGOKMaWxHJpizjWs4M:XqYes3MxxHJpR7M

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks