General

  • Target

    0f5a2ce35fd85feb611c7f46682be7ebbc553b70894fc53f8a223de1f812bf8f

  • Size

    416KB

  • Sample

    241109-r9nemawgqm

  • MD5

    cf3b1efd884b2a8436dff85633198ae0

  • SHA1

    006e22009d5cdf9064d5408a696f358765342e07

  • SHA256

    0f5a2ce35fd85feb611c7f46682be7ebbc553b70894fc53f8a223de1f812bf8f

  • SHA512

    a1eb6993e0459167d976e0d2990469f9a118ecaa05d8d6be04b8f0ee0ccee2da4d68bcea5ddd7e5d73ea3b0f61a70563b3746da49ea4983841d46339dc05d2e7

  • SSDEEP

    12288:DJlyFZDp++6IpQg95B6pBFzy13Dy/zkFmRcYeV:a3F++6306k9CyGk

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
