General

  • Target

    d13a2405cad0726b30245224926c6416

  • Size

    253KB

  • Sample

    241110-18ycwawfqm

  • MD5

    d13a2405cad0726b30245224926c6416

  • SHA1

    fe2e7d0dc7002a02e6c0f7ad1a7cd73f3d4a102c

  • SHA256

    b51b6aad3e439470c6aa943d49cb1ae88ac730485b0fb0c5d17aaaf46d71219c

  • SHA512

    8145d5c209018fe38cb6bf471e00500d4eb3bb942096c416bf767b414b8f2890e9178147602fc18fca04f213816ee879a9c0622fddf784dadca8da2e55b9781e

  • SSDEEP

    6144:t/W0wVOd1UqIxK3SpFPSE80EPPhTVb0Cryp8ZKom:t/W0gOd1XIkCpFPJPe5VbdrypSKom

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6
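The hashes and the extracted C2 above are the indicators a responder actually sweeps for. The following is an added example, not part of the sandbox report, showing how to consume them: it checks a file's digests against the hashes listed on this page and flags connections to the extracted C2 host and port in connection logs. The key=value log format and the sample log lines are constructed for the example; the host:port match is deliberately strict so that other traffic to the same IP (for instance on port 443) is not mistaken for a beacon.

```python
import hashlib
import re

# Indicators copied from this report: hashes of the submitted file and of the
# dropped payload, plus the RedLine C2 endpoint from the extracted configuration.
KNOWN_HASHES = {
    "md5": {
        "d13a2405cad0726b30245224926c6416",
        "da942d2b3039e6edf585c7a8ab53441a",
    },
    "sha1": {
        "fe2e7d0dc7002a02e6c0f7ad1a7cd73f3d4a102c",
        "411c53041943703fdaa95959b64ce1f977fcaed7",
    },
    "sha256": {
        "b51b6aad3e439470c6aa943d49cb1ae88ac730485b0fb0c5d17aaaf46d71219c",
        "712ea1fa198baeddb9adfe07bc156649684fc0f43c93dc3c48ae8eb34682d610",
    },
}
C2_HOST = "193.233.48.58"
C2_PORT = 38989


def digest_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of an in-memory file."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_hits(data: bytes) -> list:
    """Names of the algorithms under which `data` matches a hash from the report."""
    digests = digest_bytes(data)
    return [algo for algo, value in digests.items() if value.lower() in KNOWN_HASHES[algo]]


def hash_file(path: str) -> dict:
    """Streamed digests for an on-disk file, chunked so large samples are not read whole."""
    hashers = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


# Hypothetical key=value connection-log format assumed for this example;
# adapt the regex to whatever your firewall, proxy or Zeek conn.log emits.
_DST_RE = re.compile(r"\bdst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d{1,5})\b")


def c2_hits(log_lines) -> list:
    """Return the log lines whose destination is the extracted C2 host AND port."""
    hits = []
    for line in log_lines:
        m = _DST_RE.search(line)
        if m and m.group("ip") == C2_HOST and int(m.group("port")) == C2_PORT:
            hits.append(line)
    return hits


# Constructed sample log lines (not taken from the report) to exercise the matcher.
SAMPLE_LOG = [
    "2024-11-10T18:05:12Z src=10.0.0.7:51234 dst=193.233.48.58:38989 proto=tcp bytes=1420",
    "2024-11-10T18:05:13Z src=10.0.0.7:51235 dst=193.233.48.58:443 proto=tcp bytes=830",
    "2024-11-10T18:05:14Z src=10.0.0.9:49160 dst=142.250.74.36:443 proto=tcp bytes=5120",
]

if __name__ == "__main__":
    for line in c2_hits(SAMPLE_LOG):
        print("C2 beacon:", line)
    print("empty-file hits:", hash_hits(b""))
```

Run `hash_file(path)` on a quarantined file and compare the result against `KNOWN_HASHES` the same way `hash_hits` does; only the first constructed log line (port 38989) is reported as a beacon, the port-443 connection to the same IP is not.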

Targets

    • Target

      712ea1fa198baeddb9adfe07bc156649684fc0f43c93dc3c48ae8eb34682d610

    • Size

      385KB

    • MD5

      da942d2b3039e6edf585c7a8ab53441a

    • SHA1

      411c53041943703fdaa95959b64ce1f977fcaed7

    • SHA256

      712ea1fa198baeddb9adfe07bc156649684fc0f43c93dc3c48ae8eb34682d610

    • SHA512

      66fef11279451e4005ce3e953d03625de497bf9eadd3b2f517daf02604fd9b5ef7da73462d72005fae63b2dd4df4daa3471a3fe9bb79ca13304fd6fc8edc2a65

    • SSDEEP

      6144:fcfYI7lb6H1oJFPSE8+EPPhT7b0wrypmNrUR5:fcfYI7i1AFPJ7e57bRrypmO

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first observed in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks