General

  • Target

    aa4b0d06aa96e30eff55965893be0040c1ea3868

  • Size

    363KB

  • Sample

    241108-1cqcdszfla

  • MD5

    ef95357f8bf352d63bc5584d337238be

  • SHA1

    aa4b0d06aa96e30eff55965893be0040c1ea3868

  • SHA256

    25df1b59ba7d95ebcf9c8dd81cb99cb4fc6024c27da039ea09dfd8151941f286

  • SHA512

    6edd89bd9bbc5b514e2aadbb5d7a0a47712f9c7d870186fc84608201c5af86ba1d789cdc75bb92877cc35b633009bbe8ac21ab0ef2926c309734ec280ea07f1e

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      aa4b0d06aa96e30eff55965893be0040c1ea3868

    • Size

      363KB

    • MD5

      ef95357f8bf352d63bc5584d337238be

    • SHA1

      aa4b0d06aa96e30eff55965893be0040c1ea3868

    • SHA256

      25df1b59ba7d95ebcf9c8dd81cb99cb4fc6024c27da039ea09dfd8151941f286

    • SHA512

      6edd89bd9bbc5b514e2aadbb5d7a0a47712f9c7d870186fc84608201c5af86ba1d789cdc75bb92877cc35b633009bbe8ac21ab0ef2926c309734ec280ea07f1e

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks