General

  • Target

    0e3699ae3f2daa57db370696d73bb8a529700acfe97786f8de5e33a23598cc6e

  • Size

    434KB

  • Sample

    241111-k1qp3azran

  • MD5

    1c7de4c76a8b03c921b3c5800f5f0292

  • SHA1

    3ecbc93d6639e8816c5db8abf18abeeca2da26ce

  • SHA256

    0e3699ae3f2daa57db370696d73bb8a529700acfe97786f8de5e33a23598cc6e

  • SHA512

    810a88a32f393c76af12b6081303228dfb9f7e0d256c37c09f33e05cac67536488b5a1acf0bcc9e9225550492f995e32d44c329c966f1205b93f4afda37005ee

  • SSDEEP

    6144:z6b0HLLvfYOGa7hFs+TMrSwRoSIPbYVMoNr/psoF3736O1GdkT3TBNht:b6avJMvoS6bgMoNr/psoFr36O+kT3F

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      0e3699ae3f2daa57db370696d73bb8a529700acfe97786f8de5e33a23598cc6e

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
