General

  • Target

    bdcff4d9f3187e6d5eed5384e23ce329f7ab51d6

  • Size

    263KB

  • Sample

    241110-bm7a8awelj

  • MD5

    a5a3cb3fe42024b8b3ec8c5dfa40696d

  • SHA1

    bdcff4d9f3187e6d5eed5384e23ce329f7ab51d6

  • SHA256

    7fad9a485710792b26e8991ecb7cddd16d43392d566268c658403c6b8123e600

  • SHA512

    4d068dfb224f09e5cdaaa8cd886b8e2f5567a4f947d525e0cb26c18d159031209ff685661f6fc68a8157eb7f611fd9013816f2c14b83ce105c74bc3a222a9c46

  • SSDEEP

    6144:FgUubS7tA9CY6ighbWAHT0zFJTYXqzsH7:Fdu2KkYXgV7HWYhb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ruzkii

  • C2

    193.106.191.81:23196

  • Attributes

    auth_value: a2e61f725b549c0f63f5055c64a5b701

Targets

    • Target

      ad95e7ff87ddfa5548230a588ad3be78524731108543cd492adcd5c8b9500291

    • Size

      391KB

    • MD5

      d3af64be1c7ceff199d958c772c8cd21

    • SHA1

      42cceac967ab328904f74aa9de771ffd362083a3

    • SHA256

      ad95e7ff87ddfa5548230a588ad3be78524731108543cd492adcd5c8b9500291

    • SHA512

      9ef9ffe81af9289b9a3c3fcfd9d0eefd40da156d247312e34066037394255df1a13e5afe595fa8f4c8c6f9fea7852929dc57877bbecc2a243b9dafcb7adff092

    • SSDEEP

      6144:m6q06OgF8Ki+AkPmlwbEKsjup47BGnCY6igVbKAHT0zLJTYXqrLte3:mnTJ8KiLkP2wbEhjCTCYXgpvH6Y6Je

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15