General

  • Target

    a406faaef8062b23b26473c33ceca7f99823d12f

  • Size

    364KB

  • Sample

    241111-d97xda1ngt

  • MD5

    871276913981a48f7d5a7af652b73c07

  • SHA1

    a406faaef8062b23b26473c33ceca7f99823d12f

  • SHA256

    0ce4ccd482e0032b38a6b801f6f690bde801b37d9735d20d51b2706e600e4761

  • SHA512

    8cbcb3d233bec071a6848a4e17e574b091d46070ec087ce4509102dc8b8ab7137e4eb053d029f089869858dc0ed301b80abb131e71808845165658a2eecc0bd2

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
