General

  • Target

    ca0dea25206457f8960de6d543e9fccd06b61a73e6c8cf2bf2eed60ef5dc3924

  • Size

    365KB

  • Sample

    241107-heflvsxhmj

  • MD5

    2cd4a80e2163934c3a44051c25966b22

  • SHA1

    4995ac547826cc89399feeb79c5265ceedfb9b64

  • SHA256

    ca0dea25206457f8960de6d543e9fccd06b61a73e6c8cf2bf2eed60ef5dc3924

  • SHA512

    d816ee4526889b7847478c439b72a23317a0b58100a56bd5c63e6bf9cab54382e941bc5ab210b7433f3d76df067a157459a8de03f80026d83a71ef6747b92f10

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

  • Family

    redline

  • Botnet

    0002

  • C2

    13.72.81.58:13413

  • Attributes

    auth_value: 866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks