General

  • Target

    3d0c986504ba3071d675047f8409a35245e80ab96fa0d27b3d3d50b620f8f4df

  • Size

    352KB

  • Sample

    241111-mn4r9sydjf

  • MD5

    b7577cd1f2b5b39952cc2ee7f1c32acd

  • SHA1

    a0c64948905e9d8bd57914b042389b4b73eea2ce

  • SHA256

    3d0c986504ba3071d675047f8409a35245e80ab96fa0d27b3d3d50b620f8f4df

  • SHA512

    1ad528c97d843d2bef0753654cbb65f8474793ad43ca537027eef1bfe6aa190b17f6598c4f4081cdf2e8e78cbc8c8abe54f62b448eed85b7409d2f4def6a3abc

  • SSDEEP

    3072:LTL3Afq8nkgV0AEaGdD0ASqf71YqA7E698YkpgzxOlDD5JEH68aKeeH4yB3bB:/L3AfdbV/UdD0ARTHE0YuG8ZkHgBIB

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      3d0c986504ba3071d675047f8409a35245e80ab96fa0d27b3d3d50b620f8f4df

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
