General

  • Target

    d7c1c0f627803a067654f029087c465a540a34b963f84cce8d7d67898bb8bfd7

  • Size

    273KB

  • Sample

    241111-kl8bkawgmn

  • MD5

    9af11f1f415f889d34454284ad04e5ce

  • SHA1

    aa4dff961b387602ada4664ced818780d47af256

  • SHA256

    d7c1c0f627803a067654f029087c465a540a34b963f84cce8d7d67898bb8bfd7

  • SHA512

    ee914ec26e1968e950556d21ff75fbce0f07083618efc0b32014dad460b9499c51e0053898d7cfb8ee9558260c8ee7d35bdf263504736b09cb2b05e5b5b052dd

  • SSDEEP

    6144:j8qL1OPq9S9LzZB4z16XgrVVED7jgxr23r3VwGB:oqcPq9S1ZB4z1+grAD3gxib9

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    • auth_value

      218353fc70f3440d970e02bf6e2edeb1

Targets

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine payload

  • Redline family
