General

  • Target

    74973c433db5674794ef5e7816e8406daf607e982d31ad8ef39e6b24e4aebb51

  • Size

    272KB

  • Sample

    241110-g1j1qs1gle

  • MD5

    848563542db9bafe8f71e755ac8a5e8a

  • SHA1

    11f0e8ad29f9bc7f8ad2d7890b6dc17802d4ef91

  • SHA256

    74973c433db5674794ef5e7816e8406daf607e982d31ad8ef39e6b24e4aebb51

  • SHA512

    514331134c49c4eae5ddc2d8fc5793633aa54cbdc3a5dfe0f6671a841e75377b1f2734c731541a0753d53b19443f69543bca1e792db7d589c58232b55bf78201

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      74973c433db5674794ef5e7816e8406daf607e982d31ad8ef39e6b24e4aebb51

    • Size

      272KB

    • MD5

      848563542db9bafe8f71e755ac8a5e8a

    • SHA1

      11f0e8ad29f9bc7f8ad2d7890b6dc17802d4ef91

    • SHA256

      74973c433db5674794ef5e7816e8406daf607e982d31ad8ef39e6b24e4aebb51

    • SHA512

      514331134c49c4eae5ddc2d8fc5793633aa54cbdc3a5dfe0f6671a841e75377b1f2734c731541a0753d53b19443f69543bca1e792db7d589c58232b55bf78201

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks