General

  • Target

    3e608959efc0a566a70f6677d87a7d76116e5266

  • Size

    364KB

  • Sample

    241108-z2hheazdpa

  • MD5

    d717ffc85650c7384dab14f7f289df0a

  • SHA1

    3e608959efc0a566a70f6677d87a7d76116e5266

  • SHA256

    f6ad18eff895680c488b852acbe2750c3fe5573f9960545b20f9d96e8e51786d

  • SHA512

    08294798eb29498d05ae923ebbb0d638d73e6c1209a89fcde391226bb2cec404bf9c5f3c418071c2a935e753b001122a51405a9bcb1e0f479db5a9a79e2f5cf1

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
