General

  • Target

    a160f812f3cd755a20bfadc7c10f278a0bea1ab8

  • Size

    363KB

  • Sample

    241111-evbq3asfjp

  • MD5

    f4de28751d61edf96d59bacf7e47b78e

  • SHA1

    a160f812f3cd755a20bfadc7c10f278a0bea1ab8

  • SHA256

    293a2d6e8f725ca9a17e4e199133b52bd9b0e6b6f6ca7889b486d31914c7ce40

  • SHA512

    76583b606d1fd951c977ba4251b28dadf4e4cb59ad1f07554bcdfdbbd9c38e31c49075058dd24c1cbd3ca99eaa0979d507f0af37947150d1a44c04e6b5bd133e

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • Target

      a160f812f3cd755a20bfadc7c10f278a0bea1ab8

    • Size

      363KB

    • MD5

      f4de28751d61edf96d59bacf7e47b78e

    • SHA1

      a160f812f3cd755a20bfadc7c10f278a0bea1ab8

    • SHA256

      293a2d6e8f725ca9a17e4e199133b52bd9b0e6b6f6ca7889b486d31914c7ce40

    • SHA512

      76583b606d1fd951c977ba4251b28dadf4e4cb59ad1f07554bcdfdbbd9c38e31c49075058dd24c1cbd3ca99eaa0979d507f0af37947150d1a44c04e6b5bd133e

    • SSDEEP

      6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks