General

  • Target

    155de48534d457f9429aba6d8fbb29ddbbcc82093d103a69124a16f1e971ff69

  • Size

    360KB

  • Sample

    241109-1kzk2ashql

  • MD5

    a6ec099f3fcb31f0edc33f5ecf9f312c

  • SHA1

    aba54642465d6d62897b9ae9054113e8d5bdf684

  • SHA256

    155de48534d457f9429aba6d8fbb29ddbbcc82093d103a69124a16f1e971ff69

  • SHA512

    fc4cfc9fec1bfc2481c8a95b5f911862f3e6e2d351eb933ae9ce5c761472fd02dddbe9b0c498a95e95b634924430a57a993a8ebf2f91d756d5fc2e535d163d27

  • SSDEEP

    6144:jvrC/57nGXVr0JLKZoLdhRh0yxPaUFp/hbay1HR6luHO+UXGrtp0:jvO57nGXV4JDphRh5PpFp/hb7HR6l8OC

Malware Config

Extracted

Family

redline

Botnet

Runstaf

C2

193.233.48.58:38989

Attributes
  • auth_value

    5eba62ac5fe955a7d5dbe74c38a216e4

Targets

    • Target

      155de48534d457f9429aba6d8fbb29ddbbcc82093d103a69124a16f1e971ff69

    • Size

      360KB

    • MD5

      a6ec099f3fcb31f0edc33f5ecf9f312c

    • SHA1

      aba54642465d6d62897b9ae9054113e8d5bdf684

    • SHA256

      155de48534d457f9429aba6d8fbb29ddbbcc82093d103a69124a16f1e971ff69

    • SHA512

      fc4cfc9fec1bfc2481c8a95b5f911862f3e6e2d351eb933ae9ce5c761472fd02dddbe9b0c498a95e95b634924430a57a993a8ebf2f91d756d5fc2e535d163d27

    • SSDEEP

      6144:jvrC/57nGXVr0JLKZoLdhRh0yxPaUFp/hbay1HR6luHO+UXGrtp0:jvO57nGXV4JDphRh5PpFp/hb7HR6l8OC

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks