General

  • Target

    202777654c01aa812f0ee0ca0308b186480fc00f

  • Size

    363KB

  • Sample

    241110-w9xerasjbv

  • MD5

    f9a63a2d71978e3eac27868df385996d

  • SHA1

    202777654c01aa812f0ee0ca0308b186480fc00f

  • SHA256

    307feb04e4a06e95da1b363d5cc90ba5378ca9e7f743add518cbbe90c5282436

  • SHA512

    6672be60aff9ed055c8e1694812f07a55e1d17e6b2557b58120e1eeeea939793c96bf1fe8573b2e28f582563c1c6ebd78021c55676ecff4efc008afdc7804f70

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
