General

  • Target

    f264a8f4e17b225fa6b3ab0ec0409b1b8ad37c7fbe137838d54bcec907762e96

  • Size

    394KB

  • Sample

    241111-j929savra1

  • MD5

    49d7b3535467434d1eae33a8cca09621

  • SHA1

    90f4a005210fd58b6a6e4b548c5007b0eec03ff1

  • SHA256

    f264a8f4e17b225fa6b3ab0ec0409b1b8ad37c7fbe137838d54bcec907762e96

  • SHA512

    c272625b31f948034c4cebf257b74c776155a3da12b7cf1cb3d354821edb489bb7bd564c0c8bddd6f0e5eadc91b0663c1dfacd8283614beda05a31f6d08d3d7f

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      f264a8f4e17b225fa6b3ab0ec0409b1b8ad37c7fbe137838d54bcec907762e96

    • Size

      394KB

    • MD5

      49d7b3535467434d1eae33a8cca09621

    • SHA1

      90f4a005210fd58b6a6e4b548c5007b0eec03ff1

    • SHA256

      f264a8f4e17b225fa6b3ab0ec0409b1b8ad37c7fbe137838d54bcec907762e96

    • SHA512

      c272625b31f948034c4cebf257b74c776155a3da12b7cf1cb3d354821edb489bb7bd564c0c8bddd6f0e5eadc91b0663c1dfacd8283614beda05a31f6d08d3d7f

    • SSDEEP

      6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks