General

  • Target: 0388681f74c0bc3147b2c601b2e1eab2964c78494fb3f418b77d08c4440bd159
  • Size: 433KB
  • Sample: 241111-kexw9awja1
  • MD5: 26e89f31c2a1e7908c5ccc5b4690c082
  • SHA1: 4d5db418602d2b7da28e9f2afd1d9b9118e36068
  • SHA256: 0388681f74c0bc3147b2c601b2e1eab2964c78494fb3f418b77d08c4440bd159
  • SHA512: 2cccc5aea14784361904e3840fe16a8e9f3d36dffb2d12ff432d790a9ee4c9206f44dc2fc70ec397c7734cbe6dad0818e0116b95417b14abfbd03441b7ac89dc
  • SSDEEP: 12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15