General

  • Target

    563d303c04405e63b7a8a28f4e348b7d46c45df7

  • Size

    364KB

  • Sample

    241108-ezqe1svhnh

  • MD5

    5ee4db7df0839e5fcb4261537a6c42b6

  • SHA1

    563d303c04405e63b7a8a28f4e348b7d46c45df7

  • SHA256

    17de035f031c241991790b7b243480e3bb10f1270c0754c29e7f50dba004030d

  • SHA512

    610e43602b7aa5cd5dfd20bbd05a1f5bccf1289aa188f09fa1606d057e73d846aa17d5d08244afd68b16b4cc5ff4e3ffd4f14da0235596aab2543340b1d57331

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      563d303c04405e63b7a8a28f4e348b7d46c45df7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
