General

  • Target

    480473e1b6598b912620c7896bf765e32df93cf0

  • Size

    364KB

  • Sample

    241108-ycmkdsxme1

  • MD5

    5b7db1de3e5d41efb47286e2b7a4c23a

  • SHA1

    480473e1b6598b912620c7896bf765e32df93cf0

  • SHA256

    9b456b4903cbfc29675c4ca044753c82cee4cc2fb51963ec1b8207cf942056b4

  • SHA512

    07302f6fe0d0b5008be8bab8639a0dfb2463b4210afd624888d5e65307f5a50979c33d632a28dfc637447cf879c8d14bae8187d71df14715c9d192c7d2edca5b

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
