Overview

overview

10

Static

static

3

f3f43fcd8e...a4.exe

windows7-x64

10

f3f43fcd8e...a4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3f43fcd8ecd39321a43303c0607426bfa83724858210f758f29d2153bed36a4

  • Size

    383KB

  • Sample

    241110-1wcweawgme

  • MD5

    b7da39eb67f772b11a33f1b6802ed9da

  • SHA1

    ac4c71dbdd8d646cf136628f2b85dd794a0915c2

  • SHA256

    f3f43fcd8ecd39321a43303c0607426bfa83724858210f758f29d2153bed36a4

  • SHA512

    9a99d59b5ff627b3cf57972e16b2abadd0aae67840cbd0e505e4be01c222ee76bde6bfaa8ad2a3e85118c8b753e6320987a6df9239cef191fb102bc1b7d7924a

  • SSDEEP

    6144:1EArta0+h7sb2ZDBI7QOTh21fLNiVuxZF5UDsA2LRAb0JHWL3pPi4C:1rtPAYb2ZkQOTh4NiVQZIDoLRAhLZP

Score
10/10
redlineruzkikakoytodiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

ruzkiKAKOYTO

C2

185.215.113.29:20819

Attributes
  • auth_value

    44e87155dd7a4d1957a956ed040ff3fd

Targets

    • Target

      f3f43fcd8ecd39321a43303c0607426bfa83724858210f758f29d2153bed36a4

    • Size

      383KB

    • MD5

      b7da39eb67f772b11a33f1b6802ed9da

    • SHA1

      ac4c71dbdd8d646cf136628f2b85dd794a0915c2

    • SHA256

      f3f43fcd8ecd39321a43303c0607426bfa83724858210f758f29d2153bed36a4

    • SHA512

      9a99d59b5ff627b3cf57972e16b2abadd0aae67840cbd0e505e4be01c222ee76bde6bfaa8ad2a3e85118c8b753e6320987a6df9239cef191fb102bc1b7d7924a

    • SSDEEP

      6144:1EArta0+h7sb2ZDBI7QOTh21fLNiVuxZF5UDsA2LRAb0JHWL3pPi4C:1rtPAYb2ZkQOTh4NiVQZIDoLRAhLZP

    Score
    10/10
    redlineruzkikakoytodiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks