General

  • Target

    7ea27aa8a51f4d653f6525e6a80e5aa1f33c720f6eb0d59fbf2b8ee80d5c32d0

  • Size

    360KB

  • Sample

    241108-lqklqszhmn

  • MD5

    2b311157cac834cb7829d6d3768dbf29

  • SHA1

    ad1b256c4638f7617f093c12b8f56d2e6e2e0c5b

  • SHA256

    7ea27aa8a51f4d653f6525e6a80e5aa1f33c720f6eb0d59fbf2b8ee80d5c32d0

  • SHA512

    282b9e3c9f8abb1e490389247de92c1dcc13712465622ebf5d2bd42bd1724af7627393331d1ed9edb12eee46384d3bcef79859796a3fd8d291bb210edce9b54e

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

  • Family

    redline

  • Botnet

    0002

  • C2

    13.72.81.58:13413

  • Attributes

    • auth_value

      866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
