General

  • Target

    6c7374d8e3c8fdee6e868eeffa991c42c539d583

  • Size

    360KB

  • Sample

    241108-esjnwsvgmb

  • MD5

    13ba731eb324768a348fc7c2b6875b65

  • SHA1

    6c7374d8e3c8fdee6e868eeffa991c42c539d583

  • SHA256

    9ece319910ab32ed44fc68e8d07861b10ee9ea25b02b34a32add8e81fbca605a

  • SHA512

    0df96b06be90ca67877d7cdb19f03bb090d01bbd2563b0f9719b24fca9cf4a65929a8132013f8f26ba09ecb44cfe7f58ca26bb80ea08e9598ea8c6a045c5c87b

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      6c7374d8e3c8fdee6e868eeffa991c42c539d583

    • Size

      360KB

    • MD5

      13ba731eb324768a348fc7c2b6875b65

    • SHA1

      6c7374d8e3c8fdee6e868eeffa991c42c539d583

    • SHA256

      9ece319910ab32ed44fc68e8d07861b10ee9ea25b02b34a32add8e81fbca605a

    • SHA512

      0df96b06be90ca67877d7cdb19f03bb090d01bbd2563b0f9719b24fca9cf4a65929a8132013f8f26ba09ecb44cfe7f58ca26bb80ea08e9598ea8c6a045c5c87b

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks