General

  • Target

    83b89dd0eac9dc797b459258028dd18cbaef1698

  • Size

    361KB

  • Sample

    241106-yx19aayrfn

  • MD5

    9289a13948811e4c6a60387f1ee48a7d

  • SHA1

    83b89dd0eac9dc797b459258028dd18cbaef1698

  • SHA256

    4b76cf6974a34e4822baa768dc16cbd74812b39173eb7f8d3181ff9714db1598

  • SHA512

    189e2e59edf7c1b541bdc493f240c571cbc7342a2546cdcd10f1c0bff0a6d598d751b1b228f9600873aac85d933ed9dbc42798c7535da5c8d3be4f1da0e33f13

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      83b89dd0eac9dc797b459258028dd18cbaef1698

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
