General

  • Target

    6c2846d19012c0aad535268ed16c3f6934696c3a

  • Size

    364KB

  • Sample

    241108-eakhgavdjh

  • MD5

    e8e697db88a4cf5c45d93014a929ef35

  • SHA1

    6c2846d19012c0aad535268ed16c3f6934696c3a

  • SHA256

    37105bad0c5552aec83384e3496ca096d6bf8eec306afd0bdcaf31fa42b7eec3

  • SHA512

    a140a39bdfd956116f160f839ab05d23cb74adf7f05176c7ca781f75a93ed041ccf8cc33e5aa0f388ca619cc3a59d09af7096bd78bd94b732e17d545e89cced5

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      6c2846d19012c0aad535268ed16c3f6934696c3a

    • Size

      364KB

    • MD5

      e8e697db88a4cf5c45d93014a929ef35

    • SHA1

      6c2846d19012c0aad535268ed16c3f6934696c3a

    • SHA256

      37105bad0c5552aec83384e3496ca096d6bf8eec306afd0bdcaf31fa42b7eec3

    • SHA512

      a140a39bdfd956116f160f839ab05d23cb74adf7f05176c7ca781f75a93ed041ccf8cc33e5aa0f388ca619cc3a59d09af7096bd78bd94b732e17d545e89cced5

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks