General

  • Target

    fd9a724ca9b46e33f8e9e0a49de0fb435db4c47b

  • Size

    418KB

  • Sample

    241109-sfp7sszjep

  • MD5

    e5d848293cbaad6715a4d3dc37b050f8

  • SHA1

    fd9a724ca9b46e33f8e9e0a49de0fb435db4c47b

  • SHA256

    8468b660b2d5e6ba2370653207a333123eba7cc23e9f734d2f14501f813bb07b

  • SHA512

    29ccac336a8778cfb75da40f3b49dead3f0de6686781046ccbcdfcf9ea1e7446c44f970f099e3b5cf0f5337a8e1b164a29733520b7fae4343e007478f2d26001

  • SSDEEP

    6144:sk5C+DHSh/djMzvnG/lpImBmPNb7AiXB8fsHZ/DLI0Q7ITsq7iga:sk5C+DH+Ven6pbBmPNb0iXBAmDpQ79

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks