General

  • Target

    95185f994c1b0ae303a6b076267a44b53142192606f41fb9f359747f710db040

  • Size

    360KB

  • Sample

    241109-fnbcdsyarm

  • MD5

    2ddab05d5a4cc9d95e91558c22c5e562

  • SHA1

    1fbbcfdb5d403914fc5242b635c5c381595e16d1

  • SHA256

    95185f994c1b0ae303a6b076267a44b53142192606f41fb9f359747f710db040

  • SHA512

    976c66c6f0d89b2ccb10e962ae2fbc4a211e63b139c57a9b8d44ea9985542d7bf995fe040b0dbbeb4d7462cb1273b153535871feb5232a40cdc049f17add9d70

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      95185f994c1b0ae303a6b076267a44b53142192606f41fb9f359747f710db040

    • Size

      360KB

    • MD5

      2ddab05d5a4cc9d95e91558c22c5e562

    • SHA1

      1fbbcfdb5d403914fc5242b635c5c381595e16d1

    • SHA256

      95185f994c1b0ae303a6b076267a44b53142192606f41fb9f359747f710db040

    • SHA512

      976c66c6f0d89b2ccb10e962ae2fbc4a211e63b139c57a9b8d44ea9985542d7bf995fe040b0dbbeb4d7462cb1273b153535871feb5232a40cdc049f17add9d70

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks