General

  • Target

    10e7a6ad31f3634ca072c2ac3e5a2ec14b6766cc

  • Size

    364KB

  • Sample

    241108-lvk33azhla

  • MD5

    1a4f32d90e7c7c1abb58b1ecee934535

  • SHA1

    10e7a6ad31f3634ca072c2ac3e5a2ec14b6766cc

  • SHA256

    fba13295e93e6857efc746513b7fdc55ad00bc9baf57a60633acbe167944581d

  • SHA512

    dc4b0bbfb18747ed1a8264eb7408fd6fd9bff3a81f812586a6967a6b5e5c4ca2ccc338034a2a2be065ec16a152935be2a147af20b2760c7e02a76857775165a6

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
