General

  • Target

    013e0fdd44d2229f2fc2f5d51be97d76

  • Size

    418KB

  • Sample

    241109-mkenzasgme

  • MD5

    013e0fdd44d2229f2fc2f5d51be97d76

  • SHA1

    3c2acd0b81a5d0ef641225fb0f2d649e65abf297

  • SHA256

    ea756956f3e16e53ac95aa3d81dc7d58d2931df409a2d7c20c15ac5e7abc0872

  • SHA512

    be643aed7b6399924bb261aca35576974932a11538ed47d9977dc4478e9dd0c911f7c5f95b2549c6cadc975b4e11906f27ee4845b4ab834d58f47a6ef46eb5ce

  • SSDEEP

    12288:DiVxPDfTSipFMAf+BI5k1UJcul8Ti4cTzGSv2YcyqAb:DKGiMm+BFSJKTaTzx2YNqA

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ruzkiKAKOYTO

  • C2

    185.215.113.29:20819

  • Attributes

    • auth_value

      44e87155dd7a4d1957a956ed040ff3fd

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks