General

  • Target

    cb634d25213e4719b0c6854642288529b753d26785dc8ce564f99377bf73246e

  • Size

    208KB

  • Sample

    241109-2bn9datemm

  • MD5

    ba77c37c85b628a9cc8eaf60de16f16a

  • SHA1

    013dcd1165bfceebe7906e222cf0d3841e98c0e9

  • SHA256

    cb634d25213e4719b0c6854642288529b753d26785dc8ce564f99377bf73246e

  • SHA512

    eea1f91464b6d17ee828a497b1e06b93874faa01e56153b51dfd897b042ca72db2da8fd9620893efb61c106b58760fe05059bdb0d149a454e949ffa12f5576df

  • SSDEEP

    3072:D5Vw/aGhNIhegGSdqRBKNMM6RR2Ugwetho7z6pg+2B:DA/KUg9gfKKYthKe

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks