General

  • Target

    ffa6968840a486a6f3d5f107b653de2de4cded38e331e290c595e28637543078

  • Size

    364KB

  • Sample

    241107-mp84dazncy

  • MD5

    3bd739d753a954a15be1a222a53333ff

  • SHA1

    b7512ed613d4d49df949060ec19c82596d542bb0

  • SHA256

    ffa6968840a486a6f3d5f107b653de2de4cded38e331e290c595e28637543078

  • SHA512

    5dae2a461f6ff43dae7e13dfe923e9d491a86d2be80919e0c79a4598cf50b701e6e8650e29cbe3cb7e04c6f650b7e02e7e291aaf68f4d8b5503b99cadfc8f106

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
