General

  • Target

    01513a3d2d0284c5ef807df4d36b52c204a49acb1495368458e8d417d73de075

  • Size

    263KB

  • Sample

    241107-tdfq1svkbv

  • MD5

    bbade1912f7574c6f58041487cd06caa

  • SHA1

    2452f5a67fa98ec3c0e06c2a74b2adcc7b28a8c3

  • SHA256

    01513a3d2d0284c5ef807df4d36b52c204a49acb1495368458e8d417d73de075

  • SHA512

    135c9a29f1daa9912c734fdd5281ae5a67b3a79ded0ea7a83d26b8ff99df6e134315cf04cbc449e99f2f207d33c68fffefd08fd268091901dc04b4303aefeccb

  • SSDEEP

    6144:ESp135UZOsCVhljjZHy3zlGmY7NpnH72uRLRDIYTI56zLh5BWpOV:EU35ACVhFjly3BzYB9b1RLlIYfLh52OV

Malware Config

Extracted

  • Family

    redline

  • Botnet

    SewPalpadin

  • C2

    193.233.48.58:38989

  • Attributes

    • auth_value

      7a741aa449c2131b60755b6dc189af74

Targets

    • Target

      a6ddc04c5b2797c8f802bc625019827e20ecb07d2bf3dd67e5016defb9bbd1ef

    • Size

      379KB

    • MD5

      dc535da962520bc6be21e835a0414baf

    • SHA1

      23b186cfcf6fda237af0181964e03d2652f38f45

    • SHA256

      a6ddc04c5b2797c8f802bc625019827e20ecb07d2bf3dd67e5016defb9bbd1ef

    • SHA512

      1e2923ec11218539fb03d838ef644a0a59df569bcc92ebd8c9fddf337a1c4869b76b9b1edc9be8b8aafb7976284aff29c4f828b89fe568c0b5841706a06f09c0

    • SSDEEP

      6144:5y++6Qp5aSyVH3WW6tLpE09xs4W92Hy3zl4mY7NpnH78uRLRDIWTI56HQDPBYiQv:5y+85aSyVH3s1E09up98y3BBYB9b/RLM

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks