General

  • Target: 5c8caa24c2dbcec2b7177f5aea995448062432704a747f818798d3144dab8b6d
  • Size: 434KB
  • Sample: 241111-kxh6tawlgx
  • MD5: 87175b75653ffab79c1843266a9417cc
  • SHA1: 2de61d657442fa098c14f9a4ab31d3476711fdd7
  • SHA256: 5c8caa24c2dbcec2b7177f5aea995448062432704a747f818798d3144dab8b6d
  • SHA512: 8a2d721597e08194f113d539bbd966b63b052cf7f17d706bfa29a465fa0104c6e8c14e031dd2c6ab087643c9b0b300a1fb19f4acba6898830c10ae6f38540f3e
  • SSDEEP: 12288:OIVUIC/qcIs72/cPQIInQAoqMQdds+4R:OKUIC/2CPQVQdW3

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks