General

  • Target: 4aaa07f377cccd69a59c5d32478f2d721bc3fd50
  • Size: 222KB
  • Sample: 241109-zfd8vsvkcq
  • MD5: 1ef6a34256d57231620ccb992fb2363c
  • SHA1: 4aaa07f377cccd69a59c5d32478f2d721bc3fd50
  • SHA256: f69228582c9730031fa2d5d770b34ca204c5e6c312e8e7a0483114e94e7684ce
  • SHA512: 2f41767039b5e5fb7da51134c814b669561595a9f08d2a01d3448c34442d361afce26cede4c3096cb6fd2f0b7b2975767b8ffaa57d94ee725899d30599e71fa1
  • SSDEEP: 6144:pE+psaHNRx3cmWifdt6J7FwuRHpN1DzI9e:pE+yAPd5dIjwuPws

Malware Config

Extracted

  • Family: redline
  • Botnet: ruzki
  • C2: 193.106.191.165:39482
  • Attributes
    • auth_value: 71a0558c0eea274a5bd617ea85786884

Targets

    • Target: 18ed1978721a7ac3cb4be1ecd65dbaad473159fc5c9937ad38dfed7d66dd8c52
    • Size: 276KB
    • MD5: 35f2233604615d0ae0f6a2a19dfbf19c
    • SHA1: 5956ed33407c844939e97825e43fe4f6347fa2ca
    • SHA256: 18ed1978721a7ac3cb4be1ecd65dbaad473159fc5c9937ad38dfed7d66dd8c52
    • SHA512: f83ffd43a275548fc0c8cf1a142a9377d51fe6a0e3666a9bde2b72726547d66dd1ae95107324361ee40e8e693d4cdf3253605a69845f40b2ee0a30e4b9d205e2
    • SSDEEP: 6144:dSup/psaLNRB3cmWifPt6J7FkaTkZjzVzhJr:dSup/yOPN5PIjBk9zV
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks