General

  • Target

    c6c703f6dbd2fa8c9510307449ad7bda541af34d5a4c97aa3decc3f959d348a5

  • Size

    446KB

  • Sample

    241111-k2zdlaxarl

  • MD5

    b989fbefa940fee983c619c3dd1f64df

  • SHA1

    0fc0935648c69804335eb146c4da26f38febe816

  • SHA256

    c6c703f6dbd2fa8c9510307449ad7bda541af34d5a4c97aa3decc3f959d348a5

  • SHA512

    a7450fa95449fdce73b9fdaa86fb439c620f71044b14c1bc326644fa0d11af9f9e47dc2df070be535171437038011f52aba11a4a0d61ea9d8c0e4d04c8c9469f

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      c6c703f6dbd2fa8c9510307449ad7bda541af34d5a4c97aa3decc3f959d348a5

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
