General

  • Target

    91ef743294d61cd36c0c465cf8ae832a1fbbd0fd

  • Size

    364KB

  • Sample

    241108-l14glazhrh

  • MD5

    2e11bc639d982b1ac4e2d75c6178f7e9

  • SHA1

    91ef743294d61cd36c0c465cf8ae832a1fbbd0fd

  • SHA256

    345bb72d678a73ed5a67559f1734afa636d723294a3c7c0273b001c5cffb698a

  • SHA512

    5ddd76fbcffb754109cbe9f20162156606eeaf9bf3e68cafae4ddbbd019b6ba8e333be9668ca759152d1c94bef0b3e46d9f35eb215e301567249ee012501b159

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

  • Family

    redline

  • Botnet

    0002

  • C2

    13.72.81.58:13413

  • Attributes

    • auth_value

      866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
