General

  • Target

    de11a3a8fa8fc45faf69bee7925cac57405f046b

  • Size

    360KB

  • Sample

    241107-vl1a3avrdw

  • MD5

    b7a1cbcdfbff04d4a51ba6d89300f798

  • SHA1

    de11a3a8fa8fc45faf69bee7925cac57405f046b

  • SHA256

    9bc6a587d7852b717813f2ea0b78db00c6cd667693a5287ff91c3a167736579a

  • SHA512

    ddac9c18893dd3121c18948011c3cae7d71ab6cb8347f34e592876404698f2ca14b7f40380d686e7f5b714ee91bc025c22c23825be8dda3cde7ec0e78954806f

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
