General

  • Target

    b4fff928859af58b1cb429fbd5d2c37d08fed2396623651021c5ac5152d27e2d

  • Size

    363KB

  • Sample

    241109-d4x5zswkfs

  • MD5

    158fb3f8f0393d8ea9f27b3047b9170a

  • SHA1

    7fb2fa22ecf1f6163a39d14fab398553a39c5a51

  • SHA256

    b4fff928859af58b1cb429fbd5d2c37d08fed2396623651021c5ac5152d27e2d

  • SHA512

    a816d96b2a0d596c4292012a7884b4b59cea2d381b625e37739140c2615db2f6b06f6ed40aaac71b6bec3f4df1defdfad0596cfa8967f7954bd4b3f1b55db01f

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
