General

  • Target

    f7dc4e92771869bdf824e99389896216af4522c47a0d3db195724c3a5a8d25c9

  • Size

    272KB

  • Sample

    241110-ht1kkssbkj

  • MD5

    cd52e6a49a28fde5cacb4b6fcb3ae626

  • SHA1

    975a1b6aa7c3a4ebba4bbe7108b8a86812427098

  • SHA256

    f7dc4e92771869bdf824e99389896216af4522c47a0d3db195724c3a5a8d25c9

  • SHA512

    769a4c8cc25e80c10b8cdd93d151f28320ece96c1c9b5bfea34a21995932624dc8d9b82e495d5aca84dddc1a98fb7987805cfbd47197932ae1d72fdbda1cf0eb

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      f7dc4e92771869bdf824e99389896216af4522c47a0d3db195724c3a5a8d25c9

    • Size

      272KB

    • MD5

      cd52e6a49a28fde5cacb4b6fcb3ae626

    • SHA1

      975a1b6aa7c3a4ebba4bbe7108b8a86812427098

    • SHA256

      f7dc4e92771869bdf824e99389896216af4522c47a0d3db195724c3a5a8d25c9

    • SHA512

      769a4c8cc25e80c10b8cdd93d151f28320ece96c1c9b5bfea34a21995932624dc8d9b82e495d5aca84dddc1a98fb7987805cfbd47197932ae1d72fdbda1cf0eb

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks