General

  • Target

    ff2cf375b358309189b5cb857907d4a68c1446e45d5f000a982c4bcc9899719d

  • Size

    360KB

  • Sample

    241107-m1ry8szpfw

  • MD5

    0531549ab3c544437f873578979b734c

  • SHA1

    26e01d5db9d006db44721c7b65ac791c4de7c8e7

  • SHA256

    ff2cf375b358309189b5cb857907d4a68c1446e45d5f000a982c4bcc9899719d

  • SHA512

    2912dcdd9881ea6e1d830f567c25ac98ee234e009a4f22a0879a37d33311f061314a2399a63e00e15587e089de66b25e983774b80969a6c2b822be83d88651a3

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
