General

  • Target

    ff79a7240f9700628be568e5cf3235c9bff1d641

  • Size

    364KB

  • Sample

    241107-j835pa1pen

  • MD5

    62a3f751fdaa86e02b44087611a5f966

  • SHA1

    ff79a7240f9700628be568e5cf3235c9bff1d641

  • SHA256

    c0b93d155cc29848ea15f8cff507341f2a28f34b911065aa6f63d2dfc46afdcf

  • SHA512

    dccb11bf5905a19ebfb064812aca1e07848539ed52e5eebfd97afc4d02ed5fdea6d6e012e044e7e7c6cdd360f304297ca02391e3d55d9650ddc1113c12556640

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
