General

  • Target

    dfe2ef2765fc9dec8db3e6d6c5d114bf8fc198d3e7fc4580ad5d73b01464d718

  • Size

    363KB

  • Sample

    241109-chcrgsxmgn

  • MD5

    3cad2983839eeb2a2b0f5ea5ef85c2bd

  • SHA1

    4491f6938ec23f00f0d6e7e2f52e73887c68a356

  • SHA256

    dfe2ef2765fc9dec8db3e6d6c5d114bf8fc198d3e7fc4580ad5d73b01464d718

  • SHA512

    5e47cf7f10dcae31fb388511564f177143e4693ba1c935aa8b69c79bbb0b944f90e58d2375dc487e889f17588c026e940fb75e69e7b99900befcf4db5d985b33

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
