General

  • Target

    882879d02e29afc4c3f676faa21bc8c6

  • Size

    363KB

  • Sample

    241107-levybssmck

  • MD5

    882879d02e29afc4c3f676faa21bc8c6

  • SHA1

    ab6c0eea1c47dffe283d4d77b9b1246957c46711

  • SHA256

    9af739850da9c800b271b131bd5e8891a39c715969878048c35cc5ede34fd045

  • SHA512

    977ad6928793393bf7172147c25dcc405426711148783bd4d7c2f116971c7758e01e0934f6f1067a4a3534d183d2138b9eadefb05bcb2a949eeb51c0653df1f5

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
