General

  • Target

    88125cc613ae828eaf7cda20ab350272d1b71b6f

  • Size

    262KB

  • Sample

    241109-ydyn2szmdt

  • MD5

    1004935120b5e59536fee38128f9cafb

  • SHA1

    88125cc613ae828eaf7cda20ab350272d1b71b6f

  • SHA256

    e80ebc934e2467e868de0815c0ce0c03881cbe5d0094c4ddc7e6f75222c2b85f

  • SHA512

    a4d9ddd263df9e686ad6a8224ce40cb6ef2ae24aec2e162d5aadc2cb89b9eb3f45f353ae68e4b01e56f20c55bf29be033eb2c0c73f57a6028c71a2aa6cc07a3d

  • SSDEEP

    6144:oNwjkYGWNSqyHX04jRT3h4/UFOertn0zxci1+:0QGyCkoT4/UFOert0zxP1+

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RUZKI

  • C2

    193.106.191.246:23196

  • Attributes

    • auth_value

      121027c094f768a0a0e9b562f6417952

Targets

    • Target

      65093535c32bbfef156e86e3f19488ed22882f1647b1c0ff1aed7bce369bd31d

    • Size

      389KB

    • MD5

      eb4db5c4418dcecd17a1ee87fc08c9ea

    • SHA1

      7679b7fc3d755fa54e937c821fddb92ac129bad2

    • SHA256

      65093535c32bbfef156e86e3f19488ed22882f1647b1c0ff1aed7bce369bd31d

    • SHA512

      3a4d641fbe506137e1d3f7c9868fa00f87aabb05e6888eb4d83b768c854ac13be546f7368a87753ccb5ef47446c472dc80db6ed856e3006ed62ecd21dcb18703

    • SSDEEP

      6144:kl9+Ag/wVKBC35Lpx/zK3D0gKTyHXG4jnTph4RUFOertnkD:kl9+LqKBC35LpxE0WWof4RUFOert

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks