General

  • Target

    fbd4a74ba85c2940a83db8ed8caf3eb39f3eccfd340d8821115469401535696e

  • Size

    364KB

  • Sample

    241107-t2e5dswbrd

  • MD5

    d55e1d9b4eb7c4ed4a5dc175380f0baf

  • SHA1

    030505822bed34e88e92cad734e5cb9024940bd7

  • SHA256

    fbd4a74ba85c2940a83db8ed8caf3eb39f3eccfd340d8821115469401535696e

  • SHA512

    26811f0b4e242389f49bca60846ad95be4972b7bf223d5146cbe51c06cc97671eb1c1960c70983b6eaf4ad7ea6b31da44fe9ce37daa709eb9454695dce8c233a

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
