General

  • Target

    29f23611b9544ff3eb7d0b50102ff668f2630f10

  • Size

    420KB

  • Sample

    241109-19ks6stejj

  • MD5

    889cc1529ad3c1e972dbcbf8d5350be0

  • SHA1

    29f23611b9544ff3eb7d0b50102ff668f2630f10

  • SHA256

    20f07e34a9d1298095bcd60403889d281e06cb3c96e1cd000a20bf059881aabd

  • SHA512

    f157b1cde2c21664ec08bb70cebce7ced271cff533fdac202e2ce95de3c88398d11db3bfa6aa512bdc92610388e1d9a200a0e2d5173ffabd14eba125228cd228

  • SSDEEP

    6144:gIxVZwJj1MwuWnzVEw5jQt8INwYiP0QGeRcMpjygl3RLKlw/Xo6i+c8MBr4z1:gyVZkXpnzVF5jQwhMxEcMsaoInR

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      29f23611b9544ff3eb7d0b50102ff668f2630f10

    • Size

      420KB

    • MD5

      889cc1529ad3c1e972dbcbf8d5350be0

    • SHA1

      29f23611b9544ff3eb7d0b50102ff668f2630f10

    • SHA256

      20f07e34a9d1298095bcd60403889d281e06cb3c96e1cd000a20bf059881aabd

    • SHA512

      f157b1cde2c21664ec08bb70cebce7ced271cff533fdac202e2ce95de3c88398d11db3bfa6aa512bdc92610388e1d9a200a0e2d5173ffabd14eba125228cd228

    • SSDEEP

      6144:gIxVZwJj1MwuWnzVEw5jQt8INwYiP0QGeRcMpjygl3RLKlw/Xo6i+c8MBr4z1:gyVZkXpnzVF5jQwhMxEcMsaoInR

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks