General

  • Target

    3051df1006d3b58d56c89eea302d671528a5884ba4b1a425ba1a6dc3a8089772

  • Size

    363KB

  • Sample

    241108-xhnh7sxfmp

  • MD5

    f2441688e1c8341bcaabd13e12dbe11c

  • SHA1

    27e5cfaeed8cd0357d0ed493c41b52e3bcf18000

  • SHA256

    3051df1006d3b58d56c89eea302d671528a5884ba4b1a425ba1a6dc3a8089772

  • SHA512

    69593bddf04ad98fc8a166f954046bc8ea157baf8e4120aee53b578821a069027f1591e0b8d929b07614b1de30e5ea5a569c251aca9cd13e69df61174add755b

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      3051df1006d3b58d56c89eea302d671528a5884ba4b1a425ba1a6dc3a8089772

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
