General

  • Target

    d5a2116741d5dc439ec9dc4e678d5fe728705d6cb1861ab2b79217f354ccad23

  • Size

    362KB

  • Sample

    241110-cb94eaxamj

  • MD5

    e58659ac9cd163dee8e5c5dcab94ea60

  • SHA1

    b95a9746de69f19fb802ab8d2ded9a84f29bca30

  • SHA256

    d5a2116741d5dc439ec9dc4e678d5fe728705d6cb1861ab2b79217f354ccad23

  • SHA512

    5fe38eda6880d65e33cb7e49cc3734eba392e134272fc968c6f5e74201eba5dc57df83aa33db475e8816338341c8d595af23ca72492cb4f92cede8084dc766f1

  • SSDEEP

    6144:ncjhxY/FK9vGVpCa8vorct6po60HIWkX68L4kqspYK3f6ZdDzb1HVbgMv6:ncvOFK9+VpKgrctDkX6+4pxpHVbs

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RuzkiUNIKALNO

  • C2

    193.233.48.58:38989

  • Attributes

    auth_value: c504b04cfbdd4bf85ce6195bcb37fba6

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks