General

  • Target

    9a7a73a30529a329471d09fa0c1a1ca59a324b121596f530fa9d1bd15e17defb

  • Size

    360KB

  • Sample

    241108-zlnpgsskbm

  • MD5

    c19d8c8f08a48563b7eacdf75b9ae5ad

  • SHA1

    91aef878e2decbcc9d93d84cdd1b4fca60f268ec

  • SHA256

    9a7a73a30529a329471d09fa0c1a1ca59a324b121596f530fa9d1bd15e17defb

  • SHA512

    33e2bb886ea0c75f1e79e012e21a6e93e03f3afe43717512670d2e2df6dc8af32e2e3deb8ab467e4ad9ad93512a8fcb6403b4d34c6daf5f432904dedb5f85400

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      9a7a73a30529a329471d09fa0c1a1ca59a324b121596f530fa9d1bd15e17defb

    • Size

      360KB

    • MD5

      c19d8c8f08a48563b7eacdf75b9ae5ad

    • SHA1

      91aef878e2decbcc9d93d84cdd1b4fca60f268ec

    • SHA256

      9a7a73a30529a329471d09fa0c1a1ca59a324b121596f530fa9d1bd15e17defb

    • SHA512

      33e2bb886ea0c75f1e79e012e21a6e93e03f3afe43717512670d2e2df6dc8af32e2e3deb8ab467e4ad9ad93512a8fcb6403b4d34c6daf5f432904dedb5f85400

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks