General

  • Target

    47d0815250a46f228dd52ba986d30fbf3b1364ff2197bf6946937a87ed7035e2

  • Size

    394KB

  • Sample

    241111-mvszca1ran

  • MD5

    42c6decc37777e4e6726676990fb8753

  • SHA1

    29e09f97f177553e1fb0568bdd58c6f853110ef9

  • SHA256

    47d0815250a46f228dd52ba986d30fbf3b1364ff2197bf6946937a87ed7035e2

  • SHA512

    9ce44bdccc2c71827bae9a2d4672b17c7b4e0c797126ea99b0fe844b8442b61d64e38045bcc5bb3a446170d2d9161b1a2232f58c57d0fae1c6bf687258ca1f5c

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
