General

  • Target

    c92041823b3f30399059f29850635b3c133cefa45b2fbbfcfcf03516e8abfd4c

  • Size

    364KB

  • Sample

    241106-ycff3sxbkr

  • MD5

    7a54d93ab4e271ee0e2759b45993a442

  • SHA1

    4401759343f04704a4ddb93bdc1c1e4119f506b8

  • SHA256

    c92041823b3f30399059f29850635b3c133cefa45b2fbbfcfcf03516e8abfd4c

  • SHA512

    22e9634bae7d0112ef9c556f2b7e1a32357b741bceeddc36c25f33ed4e6b508df361734c16f8cae1ab812eca93c7ba4dcae32be47880196681d10477d711e9e8

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
