General

  • Target

    fe95a7330f2f68e3178f2ea9c60c4c97

  • Size

    363KB

  • Sample

    241106-n8rh4sskgj

  • MD5

    fe95a7330f2f68e3178f2ea9c60c4c97

  • SHA1

    b3189b5eacf65f825a2c1fb8e4982a7e2f1384f3

  • SHA256

    3995a7d078cad053daa2d5cd1e320d2117482d094c3cf7b2428efdfbbafcb4ae

  • SHA512

    08366614511a0bd9ed9dc2f93c28dfec75d7ac9c31f2170ecc21c6220dbf3d4fda0aeb1816a995ca1a5728ca0f68b35af75e56c134d79d5b0874826e15c3194e

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
