General

  • Target

    ddd4ba94bd90271c259308132ce7c2b0db397bf966809613c2ccbeff7619dd3a

  • Size

    293KB

  • Sample

    241111-j4ddgazlbj

  • MD5

    0a13758032b5ac06936aec0a7cb743d3

  • SHA1

    ee4d15974c8a403af01a54e4900674c385c1cb25

  • SHA256

    ddd4ba94bd90271c259308132ce7c2b0db397bf966809613c2ccbeff7619dd3a

  • SHA512

    21cdbda891f5dea225d94e111d3a69ba6e79520b3c215b253f667a89bf89f335adcf9401450cf8ccaebcb0bfd483308da1a85e77dd8bffee7eaf05afd40a1d68

  • SSDEEP

    6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.168:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      ddd4ba94bd90271c259308132ce7c2b0db397bf966809613c2ccbeff7619dd3a

    • Size

      293KB

    • MD5

      0a13758032b5ac06936aec0a7cb743d3

    • SHA1

      ee4d15974c8a403af01a54e4900674c385c1cb25

    • SHA256

      ddd4ba94bd90271c259308132ce7c2b0db397bf966809613c2ccbeff7619dd3a

    • SHA512

      21cdbda891f5dea225d94e111d3a69ba6e79520b3c215b253f667a89bf89f335adcf9401450cf8ccaebcb0bfd483308da1a85e77dd8bffee7eaf05afd40a1d68

    • SSDEEP

      6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks