General

  • Target

    6e59f01e7f44ed402405849b8951870736300c3ee8fd2335ca60db6b7c5f9360

  • Size

    433KB

  • Sample

    241111-mzvzha1rer

  • MD5

    6ad6ebeb73a7068f7fdfce3e413a3135

  • SHA1

    15240b0dc579c527c106e62be49078ab997019d4

  • SHA256

    6e59f01e7f44ed402405849b8951870736300c3ee8fd2335ca60db6b7c5f9360

  • SHA512

    05e195ebbc46017eaa86e6a73e8e8c0bb20a2f86bd83340f5be09438cc3443c7e751def8355f32d122b88f2fb43c4d94086bfe67e33330b551a080a30da95587

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      6e59f01e7f44ed402405849b8951870736300c3ee8fd2335ca60db6b7c5f9360

    • Size

      433KB

    • MD5

      6ad6ebeb73a7068f7fdfce3e413a3135

    • SHA1

      15240b0dc579c527c106e62be49078ab997019d4

    • SHA256

      6e59f01e7f44ed402405849b8951870736300c3ee8fd2335ca60db6b7c5f9360

    • SHA512

      05e195ebbc46017eaa86e6a73e8e8c0bb20a2f86bd83340f5be09438cc3443c7e751def8355f32d122b88f2fb43c4d94086bfe67e33330b551a080a30da95587

    • SSDEEP

      12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks