General

  • Target

    b2789fa70a65f913230a8284d509c7596702989f4d332c50e7d110f80d038bf0

  • Size

    364KB

  • Sample

    241109-cjqdzavelf

  • MD5

    660a4198a468d613030b4a2db2c15f3f

  • SHA1

    64e73af582942951b2d2ee54906cf17ed502242a

  • SHA256

    b2789fa70a65f913230a8284d509c7596702989f4d332c50e7d110f80d038bf0

  • SHA512

    99ee027a60f25dab77cfcc25478368cc6381b140df393ba413a8d3c8960c32ad168af92c4d6f05eeea1323080c7948cc5b5ca75f0080a7d246ad26902b3f3e29

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
