General

  • Target: 21b0d4c250308edb6d878f948d221bc7a8c1bcff83dbd88ee31a0d09919fef4c
  • Size: 279KB
  • Sample: 241109-29bqyavana
  • MD5: 5750409c592fb88a7edf0b795e6e951e
  • SHA1: 4ef5b0d32f3ab31325c150813dd75103f757b481
  • SHA256: 21b0d4c250308edb6d878f948d221bc7a8c1bcff83dbd88ee31a0d09919fef4c
  • SHA512: 8feeec8693140a0eb4a2ead1de9a522f4cdb344be23c73314684c358c001137ba8a943e4c8264e1520118a7dd5f963b28d62463da4284e05a9ef853c6bff6f7c
  • SSDEEP: 6144:Ws/mGgjweQG3AgB/eIOBmWp+TOv02SHiG1HTt3eNEOOpi7vO:ZvgjwepQg9eurTw0rCG1ztFZA72

Malware Config

Extracted

  • Family: redline
  • Botnet: RuzkiUNIKALNO
  • C2: 193.233.48.58:38989
  • Attributes
      • auth_value: c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target: dc46d0ced0735221ec28f0c8ecc4339e63aad8ea89bad7ef8d1dbab1b4202697
    • Size: 419KB
    • MD5: 384f6b7d09ebdb805e0b62f7bec2b83e
    • SHA1: 770a40da76968259cd67e0416e8394093525c0c7
    • SHA256: dc46d0ced0735221ec28f0c8ecc4339e63aad8ea89bad7ef8d1dbab1b4202697
    • SHA512: 82a51823a77f88e937e8878963f2f7464702d4b81005f1fd8b1676ca871c6a230b92df0677b46f91a2a5ee89bbf53f84b51b9ab5584e1299f79033ed92c9d780
    • SSDEEP: 6144:Snj78IEPQEU2mWp+TOv02MHiG1H1t3eC9X6HBsMEz0Q7ITsq7iga:SnjpEPMRrTw03CG1Vt19X2eME4Q79
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks