General

  • Target

    879945a9c7618616e6001eac38b8769e86a4e7a9

  • Size

    363KB

  • Sample

    241107-swp7qsvdph

  • MD5

    7a598f8791d2175793cef02b08187f45

  • SHA1

    879945a9c7618616e6001eac38b8769e86a4e7a9

  • SHA256

    55623ee7a8c5d315decf2848cfd4b59eea4bb5f50c7cf3f219aefd9520c0f721

  • SHA512

    191ebb71e170e1a59b4c96940002dde8b3e3be3688e9728f92a4358ae9e778f1a4d7b9352dff6a6402c7e1d21eacd7d17d39f239a5806a2e1a0c3e05a62a91f7

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
