General

  • Target

    ddcd0c04c3988ee44f95b8b84e243aedbd9eb4e4208792094a076f2ddf8e84e3

  • Size

    434KB

  • Sample

    241111-j1d6lawgkb

  • MD5

    4dd9345e3458fea695456e19b2ab173c

  • SHA1

    9f8c9cdf557b7c6354caa6ca65384e0183bbdde5

  • SHA256

    ddcd0c04c3988ee44f95b8b84e243aedbd9eb4e4208792094a076f2ddf8e84e3

  • SHA512

    ea4278fb9df804072a7b2f0923ea26a6b78fb423131d2ba3851693805cdbd101a51e49744db9d4ccae9db8be8bc10a6c526bc283eda253fd4ce88f7941633104

  • SSDEEP

    6144:z6b0HLLvfYOGa7hFs+TMrSwRoSIPbYVMoNr/psoF3736O1GdkT3TBNht:b6avJMvoS6bgMoNr/psoFr36O+kT3F

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks