General

  • Target

    a8046fcab7b02c6825fb745207163faa06ab1307dceeb35eeb02f2fac98f907d

  • Size

    364KB

  • Sample

    241110-xq22kasmcx

  • MD5

    9d6bf36e0abdeb49d2ce54786afa2b2c

  • SHA1

    27d33e1c1535e8d0af448b46d7af1b86d492dd4e

  • SHA256

    a8046fcab7b02c6825fb745207163faa06ab1307dceeb35eeb02f2fac98f907d

  • SHA512

    31b59fe5bcb016f532b7243406d22b82b72ede97d2e730e1447c128a008ed5677b4c431a3c220c750e35b60baee03cc23e5bd3ca19c9034082f9535172a51e66

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
