General

  • Target

    700a655f60616249137c4717adb1727c0c7f9d7a

  • Size

    364KB

  • Sample

    241108-xche1axcrg

  • MD5

    d70fb6f85c17e8d1d46afba6b5a0f4c4

  • SHA1

    700a655f60616249137c4717adb1727c0c7f9d7a

  • SHA256

    e2b00fb239bd6cca8413c097287df70d042a4a48c6fc68311db43a520a783a49

  • SHA512

    77c793507dacf65d4a93ba28d37cc24e632af3caa773f0abb4cbc4fffbbd0ce2bd863362b9a05b77d977e8533df5543861c7cb4bfb12f2deaf6b3fc55f5ee82c

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
