General

  • Target

    8d93dde8de2a5ad166b162b2cb4f70d99a400c88

  • Size

    364KB

  • Sample

    241106-r7ls1ssfqp

  • MD5

    6790c01dc439c58e4a2de826c2297eab

  • SHA1

    8d93dde8de2a5ad166b162b2cb4f70d99a400c88

  • SHA256

    d9cebaf0a245c029d69f83d30fecbaf71efd1b94cf9497c3aef7db19912cca85

  • SHA512

    06e929bc90e892a08fe634c191d0e734b1e304bec8b0ce2da9018e7ca100d257484f222ac7388b9ec9829420246b25df6f3725c6a85bb4fbb81d135d3577400f

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks