General

  • Target

    59b5c7dee52233c5463ace80b2e639726fe080a5

  • Size

    364KB

  • Sample

    241108-xvganazpgm

  • MD5

    6b062a9a63ec5e203a44a398a5b04782

  • SHA1

    59b5c7dee52233c5463ace80b2e639726fe080a5

  • SHA256

    f62e76a5358e3f48c635790fbe6d0b1a63259067c201cd25ab4a9a8186f2c0fa

  • SHA512

    7370bb12b6b1520cf8c532bc0151b683a2ef4cf315a7258881d5aecb7accc7e9eb46384035fe37495d86cdfbcab0f2b8f76f8e52fd2e9ba1ddc1f3011a7ce79b

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
