General

  • Target

    95130cdba0dda2935bcf1889cf92cfd8730afe88

  • Size

    364KB

  • Sample

    241108-bg171ssalh

  • MD5

    daeb014b48a80a222d0c5be6d7dd49d4

  • SHA1

    95130cdba0dda2935bcf1889cf92cfd8730afe88

  • SHA256

    f0607a7b80b6391dfe4806f1fd501d23c547e85558b2991a06dc6e24b16ecbe0

  • SHA512

    72a8bc65da4fdd72cc63621daa744e537fb3fb441771d032cd888d7da135368d38945e814613b52dc7e810c33b56a906e0c08e86305f0b4001d0e810a3caf45b

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      95130cdba0dda2935bcf1889cf92cfd8730afe88

    • Size

      364KB

    • MD5

      daeb014b48a80a222d0c5be6d7dd49d4

    • SHA1

      95130cdba0dda2935bcf1889cf92cfd8730afe88

    • SHA256

      f0607a7b80b6391dfe4806f1fd501d23c547e85558b2991a06dc6e24b16ecbe0

    • SHA512

      72a8bc65da4fdd72cc63621daa744e537fb3fb441771d032cd888d7da135368d38945e814613b52dc7e810c33b56a906e0c08e86305f0b4001d0e810a3caf45b

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks