General

  • Target

    af04ce083d6bb0b3646b2fdd76f90412affc2962

  • Size

    363KB

  • Sample

    241108-xh7xvawqft

  • MD5

    0acaa7dc357e8fdeddd6f928d72f326b

  • SHA1

    af04ce083d6bb0b3646b2fdd76f90412affc2962

  • SHA256

    0b0b36de595231dcf04fc690bc31ce68d8947f09b18b128f4a438c5513362376

  • SHA512

    83f84ce09e367a796dd044afd138d5441d870accb59d3793be99f954a1726a70c9e30139d520a3f68fbaaf2f339a8c1131031b18d85239ae1836c6337736be66

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks