General

  • Target

    b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3

  • Size

    272KB

  • Sample

    241110-knwesatckl

  • MD5

    584f4c94699201015ca0e588b7b8dde7

  • SHA1

    1363577f87bfb243bd1b2b3c9a51725b11a279d7

  • SHA256

    b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3

  • SHA512

    ff626f9160161bfeeb2293749c9619c7b7be8a0472f4b7e50b754a6b86579dbd81c4fbefd10e6ac68c1fdd878d02ee2189c9b6d37b3705ee4060ecaaf81ef934

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ruma

  • C2

    193.233.20.13:4136

  • Attributes

    • auth_value

      647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3

    • Size

      272KB

    • MD5

      584f4c94699201015ca0e588b7b8dde7

    • SHA1

      1363577f87bfb243bd1b2b3c9a51725b11a279d7

    • SHA256

      b7ca7fa912ed58848a8db7db7377b8deb2d82e7acb54d8c5b30692fd475c71f3

    • SHA512

      ff626f9160161bfeeb2293749c9619c7b7be8a0472f4b7e50b754a6b86579dbd81c4fbefd10e6ac68c1fdd878d02ee2189c9b6d37b3705ee4060ecaaf81ef934

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks