General

  • Target: 9da16029ca146747c75c0233fa5c2d81554edc547883a3936271369b564faeba
  • Size: 446KB
  • Sample: 241111-kcrmfsvrft
  • MD5: c5239c95537127d5357ea8952376bc38
  • SHA1: 6c11582f1e8ef0e6bdc0274e70f882849284b009
  • SHA256: 9da16029ca146747c75c0233fa5c2d81554edc547883a3936271369b564faeba
  • SHA512: 463e0dae31a933267934a67afaa24b79258112b4856e7fd517afd4090fc80f1aa9d5f2070db9a68f4c55660d9a27d228dcef5fbf9dc3bb1e63cb53ae2ff37602
  • SSDEEP: 12288:S8ejRy6JaJelQM6uGOKMaWxHJpizjWs4M:XqYes3MxxHJpR7M

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks