General

  • Target

    ed4d50f9087b18e81a685a2325d7b281e9c95d469e386a73d221a346a53d2a71

  • Size

    364KB

  • Sample

    241110-yz7h3stgqr

  • MD5

    a2f66ea79640f97a67fb0008bf3c978c

  • SHA1

    b9adec2882e9984abb3ec441d3c7e5acdc751823

  • SHA256

    ed4d50f9087b18e81a685a2325d7b281e9c95d469e386a73d221a346a53d2a71

  • SHA512

    204566d480cf771240dc9d214d56870b51b99518d7e77fd23ac07d76885671192d7088c09bda7bd0e8f2662b3946e30430ea0db9fbbfa229a8b0c838266544fc

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

  • Family

    redline

  • Botnet

    0002

  • C2

    13.72.81.58:13413

  • Attributes

      • auth_value

        866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks