General

  • Target

    d30ee80b60f2e2442728dc549480b06495257c54d5ea2d3f41d2666817278512

  • Size

    352KB

  • Sample

    241109-zgt1pssaqr

  • MD5

    758c38fa8f05b444e568d929d133cfb1

  • SHA1

    c896faf42e0bf45b193fc0581aab079e63362028

  • SHA256

    d30ee80b60f2e2442728dc549480b06495257c54d5ea2d3f41d2666817278512

  • SHA512

    a3fab8c126f9e136754efda3adfa5577b6714588cf8b59d9c44feb1eb5a41b1e1f5f1fe1847892af72adda85b63a1b5290f939ce863522fd6f4612aa8b323dc7

  • SSDEEP

    6144:43FMcuONsz8ZEiax4/8zCmPPE2Tdo+D7MFmmIXoxZVcgqDEOu4qd/OMU:IFMKNsz8ZEiNaCmdr7MFmmIuiXOdXU

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
