General

  • Target

    7ea8129edf5f35703ce70a52269e3375e5bef982a4927bd1f2ef8972b46800ed

  • Size

    433KB

  • Sample

    241111-ma7l1a1neq

  • MD5

    4f6c9e23cc69409a97ee8c9e0cc54175

  • SHA1

    b79d7df7f02c0b529d23f5fa6b54cf0f9fa1d510

  • SHA256

    7ea8129edf5f35703ce70a52269e3375e5bef982a4927bd1f2ef8972b46800ed

  • SHA512

    efc939949df4fb9a35f393bbe63c23108f095849d2b6d7f6316efd4dfdfe85e0e0b49bc592d54ab6093fc06566c3a8253ad21d40d6f111b1ff486a9f543a9542

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks