General

  • Target

    93dd73308304df199ab7484418de7e871a0339da

  • Size

    364KB

  • Sample

    241109-gh6f1s1rcp

  • MD5

    1f879dadae887a6d1451b64cf3d216a6

  • SHA1

    93dd73308304df199ab7484418de7e871a0339da

  • SHA256

    923659f685141f16ba218499cb238376d8cac3d1393c12169c406ad214bc37dc

  • SHA512

    a1ef3a265612162db2400c2a9a9da4e737cfac045c37423af3f4b91a228eb457ddcc50b9a9775ef426327dabe5ada91da7e9731cecdb520c2ca2819b402ad5b8

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
