General

  • Target

    22044b16e2a59fd231ea953ecd2ff05e

  • Size

    364KB

  • Sample

    241106-zhbkraxeje

  • MD5

    22044b16e2a59fd231ea953ecd2ff05e

  • SHA1

    4970589946a8c7a0478076588c298e3760fffe2e

  • SHA256

    3107cbf0c3c0ae5ced255ef7453b88062d29ca22bc0e901f4a9ede1c8a561dc4

  • SHA512

    a5169a98a4662d49985434f6d85d08fef9696122dc4db63796f1336ecf98a0626cad810491dcfd3b9954c42806c2f46b147b6a6e7babf73e058546e02f6d5089

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
