General

  • Target

    4950d45b7e750d85d751bd40f166b6469e3c7f8e

  • Size

    364KB

  • Sample

    241107-jmtn5axnfy

  • MD5

    f16c38df9ad415bcb8a7e6334a5bce9e

  • SHA1

    4950d45b7e750d85d751bd40f166b6469e3c7f8e

  • SHA256

    5ab5d2c7629150d9383fee27ef193539b91b47c46cda36134563a242d334425d

  • SHA512

    6c06f844621dbc17493ac0531f75b96030e22cfb9315422f2d7ed8b57fe52fa8dc8f0e91ddcdbae0a4fd5deb63dbbfedfcac176d5873a4d2296aee05ef0f8ec8

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      4950d45b7e750d85d751bd40f166b6469e3c7f8e

    • Size

      364KB

    • MD5

      f16c38df9ad415bcb8a7e6334a5bce9e

    • SHA1

      4950d45b7e750d85d751bd40f166b6469e3c7f8e

    • SHA256

      5ab5d2c7629150d9383fee27ef193539b91b47c46cda36134563a242d334425d

    • SHA512

      6c06f844621dbc17493ac0531f75b96030e22cfb9315422f2d7ed8b57fe52fa8dc8f0e91ddcdbae0a4fd5deb63dbbfedfcac176d5873a4d2296aee05ef0f8ec8

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks