General

  • Target

    819b3cbd0cec2b5a210f9a2d11613d492e2f861d0bce04ea200171b797bf2a77

  • Size

    364KB

  • Sample

    241108-gkmrpayrdj

  • MD5

    ee80815da83182d5c01aeb4627f9d298

  • SHA1

    95ba6eb411d7b767bd5bdcf9e694d327050432c5

  • SHA256

    819b3cbd0cec2b5a210f9a2d11613d492e2f861d0bce04ea200171b797bf2a77

  • SHA512

    979f06594cf1b1928cf85a1354de28886402d0037404960986934b326f8350785ed9a77226cf8a63fd18d3281679347ce7652561b6cc73b787f9fd73a5ee405c

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15
