General

  • Target

    329532e365ae0aefb5507bc91e4f6815

  • Size

    364KB

  • Sample

    241109-vkyqvaxmew

  • MD5

    329532e365ae0aefb5507bc91e4f6815

  • SHA1

    5983978d8fafe756b38eec2a52646f06792798f0

  • SHA256

    0511eb67c1649840e53fa4f6fd8874c22c6a850d7f11a4a01b7740f1c7bdafae

  • SHA512

    052c11a4cc912340436ed6ecd6795171937aec9e8f68047fb60e5ca44b3a20fd55a71460a7620ffbf5f89ce10da15b0232278bd4218ba2b1a9ece03ccd6b3ac5

  • SSDEEP

    6144:CX8Nhevp6s4aR9kSiY8T+VM1Tgg+0kOCQD2MtgfSedyiTIsVW:CX8NhCp54aR9kSiY7ilgH0kOC+2M815z

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
