General

  • Target: f38f655eceb0f570a7ec3d172f0aa96f6cfd45c30b0f77cf962d48a6ae13f6fe
  • Size: 222KB
  • Sample: 241109-yw2hnazqfs
  • MD5: c3e3955130f451cabb780211bd0bab58
  • SHA1: 04438ed2ea962d4e1ee7f539a1a51dcfe6b49beb
  • SHA256: f38f655eceb0f570a7ec3d172f0aa96f6cfd45c30b0f77cf962d48a6ae13f6fe
  • SHA512: 10b2dbad649104229eb28749c1af6da0d6b06d5f0c3ed8770044eb6b1b9552cd8c0ba03daafc4eb2375fdbfec74af5c8a7716f600aafe428a68e98f319f39b7b
  • SSDEEP: 6144:HE+psaHNRx3cmWifdt6J7FwuRHpN1DzI9s:HE+yAPd5dIjwuPwe

Malware Config

Extracted

  • Family: redline
  • Botnet: ruzki
  • C2: 193.106.191.165:39482
  • Attributes
    • auth_value: 71a0558c0eea274a5bd617ea85786884

Targets

    • Target: 18ed1978721a7ac3cb4be1ecd65dbaad473159fc5c9937ad38dfed7d66dd8c52
    • Size: 276KB
    • MD5: 35f2233604615d0ae0f6a2a19dfbf19c
    • SHA1: 5956ed33407c844939e97825e43fe4f6347fa2ca
    • SHA256: 18ed1978721a7ac3cb4be1ecd65dbaad473159fc5c9937ad38dfed7d66dd8c52
    • SHA512: f83ffd43a275548fc0c8cf1a142a9377d51fe6a0e3666a9bde2b72726547d66dd1ae95107324361ee40e8e693d4cdf3253605a69845f40b2ee0a30e4b9d205e2
    • SSDEEP: 6144:dSup/psaLNRB3cmWifPt6J7FkaTkZjzVzhJr:dSup/yOPN5PIjBk9zV
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks