General

  • Target

    6b32ccad4b6ed1299ea863c0b1b3a7aa

  • Size

    360KB

  • Sample

    241108-zswzfazdmp

  • MD5

    6b32ccad4b6ed1299ea863c0b1b3a7aa

  • SHA1

    0bd50caa2d5dde463903fc3399a3368d876d88b4

  • SHA256

    1195d56ef73efc073dad1f51f17416027f0478657143946993d9b59506f6fd01

  • SHA512

    641f5be234cf8fa05a45a2c8e9ab1ed9a23e408a25bcbb4389c24147f90402de5d7c86697c59f5ccd149b3c7ddde4eea928792c3e2f36348f8d6ce6df8fa2e5d

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
