General

  • Target

    0b691b050d2b67319db2005528a4b160

  • Size

    364KB

  • Sample

    241106-qtacds1glq

  • MD5

    0b691b050d2b67319db2005528a4b160

  • SHA1

    64a40cadf11375a89f5389c7b1460638e0cd94f1

  • SHA256

    0e0f2ba6ae7f96832c9d0b7eab87173a491215b3312941b53bf8f445e6ca7334

  • SHA512

    71c6554b550c09404a30ba538b4058325cf922837f5ab47371723b147a20fcb2bb90e419ddc6d0fdb80f60aac055c4a24afc959b51bb3179eeda0bcea858d54c

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      0b691b050d2b67319db2005528a4b160

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
