General

  • Target

    7218efa643aa55e06d3c64240ac6db082d538502

  • Size

    253KB

  • Sample

    241110-br1n8svrgy

  • MD5

    7784f5aa21cfabd0216d653f5c719050

  • SHA1

    7218efa643aa55e06d3c64240ac6db082d538502

  • SHA256

    0b6d6c2c740fa129e7109b79ccb4a7f8423e392de72747ee4fd050cf64cac5eb

  • SHA512

    0a697bef25e6ee481283138d789b534399bb06571b9a1c35c9fcb89bcbb69920507f184196015a6ff1e006756ab369525cef5f3bfc04813e57bb3be72b2fac1d

  • SSDEEP

    3072:1i71qfqtxVq54bZB4fpo7qIAMgKFyAYbC37ShZn7J0+30tPYXnCvHXZISwCkKiVT:1iJGu4m71FyjTh6gXCvHJKVe1aAp+D

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6
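The extracted C2 above (193.233.48.58:38989) is the indicator most analysts will want to turn into a detection straight away. The following is an added example, not part of the original report: it parses `host:port` endpoints as sandbox configs emit them and matches them against connection-log records. The tab-separated column layout (ts, src ip, src port, dst ip, dst port, proto) and the sample log lines are constructed for this example; the only real indicator is the C2 from this page.

```python
"""Match connection-log records against C2 endpoints extracted from a sandbox
config. Added example, not code from the original report; the log format and
the sample lines below are constructed for illustration."""
import ipaddress
from typing import Dict, Iterable, List, Tuple

# C2 endpoint taken from the extracted RedLine config on this page (host:port).
REDLINE_C2 = "193.233.48.58:38989"


def parse_endpoint(endpoint: str) -> Tuple[str, int]:
    """Split 'host:port' as written in extracted configs and validate both parts."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not host:
        raise ValueError(f"endpoint has no port: {endpoint!r}")
    ipaddress.ip_address(host)  # raises ValueError on a malformed address
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port_num}")
    return host, port_num


def match_connections(log_lines: Iterable[str], endpoints: Iterable[str],
                      ip_only: bool = False) -> List[Dict[str, str]]:
    """Return records whose destination matches an extracted C2 endpoint.

    Each record is a tab-separated line: ts, src_ip, src_port, dst_ip, dst_port,
    proto (a constructed layout for this example, not a real Zeek schema).
    By default host AND port must match; ip_only=True widens the match to the
    host alone, which catches port changes but will also flag unrelated traffic.
    """
    wanted = {parse_endpoint(e) for e in endpoints}
    wanted_hosts = {host for host, _ in wanted}
    hits: List[Dict[str, str]] = []
    for line in log_lines:
        if not line.strip() or line.startswith("#"):  # skip blanks and header rows
            continue
        ts, src_ip, src_port, dst_ip, dst_port, proto = line.rstrip("\n").split("\t")
        matched = dst_ip in wanted_hosts if ip_only else (dst_ip, int(dst_port)) in wanted
        if matched:
            hits.append({"ts": ts, "src": f"{src_ip}:{src_port}",
                         "dst": f"{dst_ip}:{dst_port}", "proto": proto})
    return hits


# Constructed sample log lines (not captured traffic): a header row, two
# connections to the C2, one benign connection, and one to the C2 host on an
# unrelated port, which the strict match deliberately ignores.
SAMPLE_LOG = [
    "#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1731235200.1\t10.0.0.5\t49812\t193.233.48.58\t38989\ttcp",
    "1731235201.4\t10.0.0.5\t49813\t142.250.74.46\t443\ttcp",
    "1731235202.9\t10.0.0.7\t51002\t193.233.48.58\t443\ttcp",
    "1731235203.3\t10.0.0.9\t51003\t193.233.48.58\t38989\ttcp",
]

if __name__ == "__main__":
    for hit in match_connections(SAMPLE_LOG, [REDLINE_C2]):
        print(hit)
```

Matching on host and port together keeps the rule tied to this config; RedLine operators rotate ports on a shared host often enough that a host-only match (`ip_only=True`) is worth running as a lower-confidence hunt alongside the strict one.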

Targets

    • Target

      6e9f88a0af182b687c5fa656669c7a3fbbc99135aadbc8d81785d69be0326dce

    • Size

      385KB

    • MD5

      f237575ba9bb03c0cf44fcd54fb4b803

    • SHA1

      c70b37543331f686274dfb4716c869f42ced2ab5

    • SHA256

      6e9f88a0af182b687c5fa656669c7a3fbbc99135aadbc8d81785d69be0326dce

    • SHA512

      bc9fbe99132a6af53dc12fea9b354d1f268e24dc913fc3c0ecd3deddc2b56e7700e488c471f5fa63133bdb94ef47c3bb8275c1804a756532d1bf1de594839571

    • SSDEEP

      6144:7Dg0YhZtkPTWCF0SFy9ThsgXCvpJKVZvD7e6+Z8:7Dg5hZOPTrPUhsvPuva

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks