General

  • Target

    6ba0aab9c4d6a1f3228306063c26c7339fc6777744da9a4118427b68e983c0c0

  • Size

    272KB

  • Sample

    241110-jxdqnawlbr

  • MD5

    7791c2fed51b66f7187be2bb58c82eb3

  • SHA1

    939f3f4ed1644377bb6de4506e69c0f281f0b223

  • SHA256

    6ba0aab9c4d6a1f3228306063c26c7339fc6777744da9a4118427b68e983c0c0

  • SHA512

    c508f2740f1b872ab96ae06b62e64b6811b30d7e5ad95b23eb49495d74a90c4732ff6e6d4d2d9112f1a55fe2ac9534b81d4aab4f4ea365ea9b06f579011bbe49

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      6ba0aab9c4d6a1f3228306063c26c7339fc6777744da9a4118427b68e983c0c0

    • Size

      272KB

    • MD5

      7791c2fed51b66f7187be2bb58c82eb3

    • SHA1

      939f3f4ed1644377bb6de4506e69c0f281f0b223

    • SHA256

      6ba0aab9c4d6a1f3228306063c26c7339fc6777744da9a4118427b68e983c0c0

    • SHA512

      c508f2740f1b872ab96ae06b62e64b6811b30d7e5ad95b23eb49495d74a90c4732ff6e6d4d2d9112f1a55fe2ac9534b81d4aab4f4ea365ea9b06f579011bbe49

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks