General

  • Target

    aa002955c8ef7f5c04237a6b0cf271a29109fcc2

  • Size

    163KB

  • Sample

    241110-xrrl8ashjl

  • MD5

    66b39f02f8aab03e7d6b0cdc63eb2718

  • SHA1

    aa002955c8ef7f5c04237a6b0cf271a29109fcc2

  • SHA256

    02600b5f78eb4f1c4ac76e08c96caf54661f1f74a6f2ad6f5c2ea41e5f7e25f8

  • SHA512

    a0c4f5ebd1ca8a1208dbff485bc6e8a63b4b4065d0b4d8a8c04cb46d0a51f3d6115d70b6792091e412cfe5afc8b330fd9685f260aa71752abb79bf2544668916

  • SSDEEP

    3072:+yzQEN5+3bCxGMX/i7Ea270jga9LHko0iMjaK07xc2e9RVGTqSeZJAHQ:+qQR3bqL/igK0a9LBvMbUxwLQTqrMQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    0002

  • C2

    13.72.81.58:13413

  • Attributes

    auth_value: 866ce0ed8cfe2be77fb43a4912677698
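The extracted configuration gives a small set of indicators worth sweeping across network and endpoint telemetry: the C2 host:port and the file hashes listed for both the submitted file and the analyzed target. The script below is an added example, not part of the sandbox report or its tooling; the key=value log format and the log lines themselves are constructed for the demonstration, only the IOC values are taken from this page. It flags an exact host:port match as a C2 hit, a connection to the same host on another port as a lower-confidence hit (RedLine operators do rotate ports), and any process/file event whose hash matches the report.

```python
"""IOC sweep for the RedLine sample on this page.

Added example, not part of the sandbox report. Indicator values come from
the report; the key=value log format and the sample log lines are
constructed assumptions for the demonstration.
"""
import re

# Indicators taken from the extracted config and hash tables above.
C2_HOST, C2_PORT = "13.72.81.58", 13413
FILE_HASHES = {
    # submitted file (General section)
    "66b39f02f8aab03e7d6b0cdc63eb2718": "md5",
    "aa002955c8ef7f5c04237a6b0cf271a29109fcc2": "sha1",
    "02600b5f78eb4f1c4ac76e08c96caf54661f1f74a6f2ad6f5c2ea41e5f7e25f8": "sha256",
    # analyzed target (Targets section)
    "37edf20d8e8c8ea86be6da11cee8bafc": "md5",
    "8f874973f3898e073f4795078e2fd78021140b09": "sha1",
    "18a28fa4959dd30b95a18a0e776f8a95f7bee73743168488b388bc5693670a3e": "sha256",
}

# Constructed sample telemetry (assumed key=value format): two firewall
# lines towards the C2 host, one benign connection, one process-create
# event carrying the analyzed target's SHA256, one benign process.
SAMPLE_LOGS = """\
ts=2024-11-10T08:01:02Z src=10.0.0.15 dst=13.72.81.58 dport=13413 proto=tcp action=allow
ts=2024-11-10T08:01:05Z src=10.0.0.15 dst=13.72.81.58 dport=443 proto=tcp action=allow
ts=2024-11-10T08:01:09Z src=10.0.0.22 dst=142.250.72.14 dport=443 proto=tcp action=allow
ts=2024-11-10T08:02:30Z host=WS-15 event=process_create image=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe sha256=18A28FA4959DD30B95A18A0E776F8A95F7BEE73743168488B388BC5693670A3E
ts=2024-11-10T08:02:31Z host=WS-15 event=process_create image=C:\\Windows\\System32\\notepad.exe sha256=0000000000000000000000000000000000000000000000000000000000000000
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_kv(line):
    """Split one key=value log line into a dict (last key wins)."""
    return dict(KV_RE.findall(line))


def classify(line):
    """Return a list of (indicator_type, value) hits for one log line."""
    hits = []
    fields = parse_kv(line)
    dst, dport = fields.get("dst"), fields.get("dport")
    if dst == C2_HOST:
        # Exact host:port from the config is high confidence; the same host
        # on another port is still worth a look because the port can change
        # between builds while the host stays the same.
        if dport == str(C2_PORT):
            hits.append(("c2_hostport", f"{dst}:{dport}"))
        else:
            hits.append(("c2_host_other_port", f"{dst}:{dport}"))
    for algo in ("md5", "sha1", "sha256"):
        # Hashes are compared case-insensitively; EDRs often emit upper-case.
        val = fields.get(algo, "").lower()
        if FILE_HASHES.get(val) == algo:
            hits.append((f"hash_{algo}", val))
    return hits


def sweep(text):
    """Run classify() over every line; return [(line_no, type, value), ...]."""
    results = []
    for n, line in enumerate(text.splitlines(), start=1):
        for kind, val in classify(line):
            results.append((n, kind, val))
    return results


if __name__ == "__main__":
    for line_no, kind, val in sweep(SAMPLE_LOGS):
        print(f"line {line_no}: {kind} {val}")
```

Running the script against the constructed lines reports the exact C2 connection on line 1, the same host on port 443 on line 2, and the SHA256 match for the analyzed target on line 4; the benign connection and the zero hash produce nothing. For production use, replace SAMPLE_LOGS with a reader over the real log source and keep the indicator table in a separate file so it can be updated without touching the matcher.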

Targets

    • Target

      18a28fa4959dd30b95a18a0e776f8a95f7bee73743168488b388bc5693670a3e

    • Size

      362KB

    • MD5

      37edf20d8e8c8ea86be6da11cee8bafc

    • SHA1

      8f874973f3898e073f4795078e2fd78021140b09

    • SHA256

      18a28fa4959dd30b95a18a0e776f8a95f7bee73743168488b388bc5693670a3e

    • SHA512

      9fb4455c2c90e7591bd2ff932e5f04c5e55ba121ef2f87b15d0f7317c047ab6949174649aaafabe2a568c7e101c2e5e39d5e8c7dd11bce14ad4dbef3bfadd156

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is an information stealer written in C# (.NET), first seen in early 2020. It collects browser credentials, cookies and autofill data, cryptocurrency wallet files and host details and sends them to the C2 host:port carried in its embedded configuration; the Family, Botnet, C2 and auth_value fields under Malware Config above were extracted from that configuration.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks