General

  • Target

    dbff8a76d9b92895c93fc8f153c757130bd2f5040c79f091438586a4e977d6d8

  • Size

    364KB

  • Sample

    241111-jdcz1svlgs

  • MD5

    47cbb0c9270215c249e35d1a9c3541a8

  • SHA1

    7b48bbf43166293b8412ca4397da5f184402f243

  • SHA256

    dbff8a76d9b92895c93fc8f153c757130bd2f5040c79f091438586a4e977d6d8

  • SHA512

    b94345750f25416e2d7ba5ca0bc9c40af1d53e451c018186add886d0fdabf71867676e301cff776536557bf2af9b6fd5124932bfedc0cdb428a06a04cba5b555

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
