General

  • Target

    b59baf8991c20f7770d1680e0bc0af65ec4aaa3895b4112654b4653e482450ef

  • Size

    260KB

  • Sample

    241109-w7fdfszcpg

  • MD5

    5b24f1b2e95e1292f2e9b8455f7b6124

  • SHA1

    0c0d253c032eec2aba13910dbd60bc20ebd9d5ec

  • SHA256

    b59baf8991c20f7770d1680e0bc0af65ec4aaa3895b4112654b4653e482450ef

  • SHA512

    9d689ee062414fba5db338354d02b9ac96035267d47656dfc30a3ccda12e10bd55723c682eb5ea141ec69ee1e6a4c1b44f0f480057ec884766c5edd789be14bb

  • SSDEEP

    6144:qbxjYAKOX8E+f3QPDkBPrz6jckQJI1SGZUoKi0BTq:gxInvGD6mckQMSBTq

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RuzkiUNIKALNO

  • C2

    193.233.48.58:38989

  • Attributes

      • auth_value

        c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      0f69da789bc940995ac6c86a5fc7c514071837afe8af6c339fdc3c9f1fd67ad0

    • Size

      371KB

    • MD5

      5d9326eae442fa8871e67718f7d762cd

    • SHA1

      b3fb732c955ed24a6cf743f5a8f5a87b798b6dba

    • SHA256

      0f69da789bc940995ac6c86a5fc7c514071837afe8af6c339fdc3c9f1fd67ad0

    • SHA512

      9394016e9b823644febf8a5ca697f8a7d0007655ddf22c7137032fdf441e93182273be99c73d672b3adc244156f2798e9e4b14886c28030b0502cedcabdcb61d

    • SSDEEP

      6144:jt0dhfUHTSG5oQNI0wnrX5cHYL1pnax8pPx8E+f3QPnkBRrz6j0kQJI1PUrpC:jt0USG5tNynrX151aZnvGn6w0kQ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks