General

  • Target

    aeeaf541e4e1035f75b232ee9260862a

  • Size

    363KB

  • Sample

    241108-xeq5xszmdq

  • MD5

    aeeaf541e4e1035f75b232ee9260862a

  • SHA1

    419b9153e11a7d6e4ac4957afa9392d1aa71d69a

  • SHA256

    45fafbfdbab0c35818cccd716c73b74d1c9be2dae6982bf030a7e149a4831d6d

  • SHA512

    6048774c1c1634ae8c0314964a14e506cc1930705d9bed874b1ea73a69eb9034a1bf095c5c79f6b8d8a4055ac26df830f4bdfb8131bedd3929741060e2b12f27

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
