General

  • Target

    d9f4440dceb352e60c3cd94da96fc209da6b517dd64f80debc06a0990a0c1939

  • Size

    433KB

  • Sample

    241111-jt365svnh1

  • MD5

    294ccfa0c85944296d1b30304f67a177

  • SHA1

    1607f6553e0b18e5d66ee294f2d76e6d9e5ab195

  • SHA256

    d9f4440dceb352e60c3cd94da96fc209da6b517dd64f80debc06a0990a0c1939

  • SHA512

    6edb205bcd15caea31cba8140d214e3cd9a44f58eb949c1e8d5d5bda936c6bf3cf53a6fb7794a91002d014429c8e741fbee2dd6d297a1d0052c451455439af96

  • SSDEEP

    6144:FkedgevvvIm6t1uVWIad8Ko0aY2xxoNr/psbefV3uu1Hbs/rzte:2edKT/Iqow6oNr/psbet3uuts/rzE

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      d9f4440dceb352e60c3cd94da96fc209da6b517dd64f80debc06a0990a0c1939

    • Size

      433KB

    • MD5

      294ccfa0c85944296d1b30304f67a177

    • SHA1

      1607f6553e0b18e5d66ee294f2d76e6d9e5ab195

    • SHA256

      d9f4440dceb352e60c3cd94da96fc209da6b517dd64f80debc06a0990a0c1939

    • SHA512

      6edb205bcd15caea31cba8140d214e3cd9a44f58eb949c1e8d5d5bda936c6bf3cf53a6fb7794a91002d014429c8e741fbee2dd6d297a1d0052c451455439af96

    • SSDEEP

      6144:FkedgevvvIm6t1uVWIad8Ko0aY2xxoNr/psbefV3uu1Hbs/rzte:2edKT/Iqow6oNr/psbet3uuts/rzE

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks