General

  • Target

    819e6445f807a6a3efda605e79eb2d0104366bba

  • Size

    364KB

  • Sample

    241106-z8jn2szqcl

  • MD5

    702ae028566be37858284d8b7e8fb076

  • SHA1

    819e6445f807a6a3efda605e79eb2d0104366bba

  • SHA256

    5bd3a9fd1ebcac26066bc8f0b9349fac4ba797e683f6ffe8e8f8957b244141aa

  • SHA512

    d656f2d03b49257463b6df6808192b07a7158b6c814d8505b21b74a0c63f9f1b90992c4edbd59162a3d323116cf0c68b9d613f8fd9cd732460068a03457d5df1

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
