General

  • Target

    2ba41e7c113b1666685b26c6fd88943dbabb5845

  • Size

    430KB

  • Sample

    241110-gyhpws1gje

  • MD5

    975352721856afda4695a990460d73ed

  • SHA1

    2ba41e7c113b1666685b26c6fd88943dbabb5845

  • SHA256

    f75f29a265afbfeb427818496ff7b69be648ac2c586ef87f0224be7c09b08ec7

  • SHA512

    8d2e934cf13e9df44f84b5b2649813e84a86c63b4a0c8c7fd28cea5446217fa9275da1b8083740aeaf22bb33e06d0a3d59236d7324641f54db0af5117b8df0e1

  • SSDEEP

    6144:uqZUvBAsV2+iF/uwmz17PXU4qbnvfr8NhsM73s4TGkzgDX0y7ITsqdiga:uqZUvBAsTiFSzAncB39G2y7j

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks