General

  • Target

    505ee78ac639bda1ea10d82ab485efab3b74f6573ba3a024ea37c0fea932b0e1

  • Size

    433KB

  • Sample

    241111-la9wpa1jer

  • MD5

    1d64f08c728f1f2ef99c687e73ff1b58

  • SHA1

    88f6c805a71075100787a2bc7167b3a39dff9e88

  • SHA256

    505ee78ac639bda1ea10d82ab485efab3b74f6573ba3a024ea37c0fea932b0e1

  • SHA512

    a76991ecd346a88f6ccb67b9eddda745a83729c95efc701a79fc4dd9e6e9bc660ea612462bd61c2b19bd2c83ca56aa940d020248e704f0aedf0da4cfd4476adc

  • SSDEEP

    6144:FkedgevvvIm6t1uVWIad8Ko0aY2xxoNr/psbefV3uu1Hbs/rzte:2edKT/Iqow6oNr/psbet3uuts/rzE

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
