General

  • Target

    d396f2e43eefa59a6a7c9763a8f01ca4af5a01302ea0e484935675af4ecd80de

  • Size

    396KB

  • Sample

    241110-kzvydswrgp

  • MD5

    7d90efc2f0ad7e61ae4b8155b64e250e

  • SHA1

    08b7ce6c8449417f117ad8f2725d27404e426421

  • SHA256

    d396f2e43eefa59a6a7c9763a8f01ca4af5a01302ea0e484935675af4ecd80de

  • SHA512

    d321453bd9764b5e6578f95fe633cac17b71799d793dfdee57dac85c38806aa60cd5b6063b5b029a3bae1f1282a282640a7c9bf5b7c137638bef3b0f58dd31ea

  • SSDEEP

    6144:3VIz6uFfiGA+tmO1THf+mPDhF4i0JvnsPFs2TM+TiX61/Oaa+qYr1QHAo:lI+6iGNgO1TH7PDqM6+T0CO1PYr1

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RuzkiUNIKALNO

  • C2

    193.233.48.58:38989

  • Attributes

    auth_value: c504b04cfbdd4bf85ce6195bcb37fba6
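A practitioner reading this report usually wants to do two things with it: confirm that a file in hand is the same sample (all four digests agree) and look for traffic to the extracted C2. The Python below is an added example written for this page, not part of the sandbox output. The digest values and the C2 endpoint are copied from the report above; the connection-log column layout, the log lines, and any bytes fed to the hash check are constructed for the demo and are not the real sample or real telemetry.

```python
"""Offline IOC check for the RedLine sample in this report (added example).

Hashes and the C2 endpoint are copied from the report. The connection-log
format (ts, src, sport, dst, dport, proto) and the log lines below are
constructed for illustration, as is any file content fed to the hash check.
"""
import hashlib
import re
import sys

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "7d90efc2f0ad7e61ae4b8155b64e250e",
    "sha1": "08b7ce6c8449417f117ad8f2725d27404e426421",
    "sha256": "d396f2e43eefa59a6a7c9763a8f01ca4af5a01302ea0e484935675af4ecd80de",
    "sha512": "d321453bd9764b5e6578f95fe633cac17b71799d793dfdee57dac85c38806aa60cd5b6063b5b029a3bae1f1282a282640a7c9bf5b7c137638bef3b0f58dd31ea",
}
C2_HOST = "193.233.48.58"
C2_PORT = 38989

# Constructed connection-log lines (not from the report). Columns:
# timestamp, source IP, source port, destination IP, destination port, proto.
SAMPLE_CONN_LOG = """\
1731226801.101 10.0.0.12 49711 203.0.113.5 443 tcp
1731226802.542 10.0.0.12 49712 193.233.48.58 38989 tcp
1731226803.002 10.0.0.27 51022 193.233.48.58 80 tcp
1731226804.771 10.0.0.12 49713 193.233.48.58 38989 tcp
""".splitlines()

CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True only when all four digests equal the report's values.

    Checking every digest rather than just MD5 means a single mistyped or
    truncated value in a copied IOC list cannot produce a false match.
    """
    digests = hash_bytes(data)
    return all(digests[name] == value for name, value in REPORT_HASHES.items())


def find_c2_connections(lines, host_only=False):
    """Return (ts, src, dst, dport) for each line that reaches the C2.

    By default both the IP and the port from the extracted config must
    match; host_only=True widens the match to any port on that IP, which
    helps when hunting for an operator who has rotated the port.
    Lines that do not fit the column layout are skipped, not raised.
    """
    hits = []
    for line in lines:
        m = CONN_RE.match(line)
        if not m:
            continue
        dport = int(m["dport"])
        if m["dst"] == C2_HOST and (host_only or dport == C2_PORT):
            hits.append((m["ts"], m["src"], m["dst"], dport))
    return hits


if __name__ == "__main__":
    # Usage: python ioc_check.py [path-to-suspect-file]
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print("sample matches report:", matches_report(fh.read()))
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print("C2 connection:", hit)
```

The strict match (IP and port) is what the extracted config actually supports; the host-only mode is deliberately a separate switch so that a wider hunt does not get confused with a confirmed hit on the reported endpoint.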

Targets

    • Target

      d396f2e43eefa59a6a7c9763a8f01ca4af5a01302ea0e484935675af4ecd80de

    • Size

      396KB

    • MD5

      7d90efc2f0ad7e61ae4b8155b64e250e

    • SHA1

      08b7ce6c8449417f117ad8f2725d27404e426421

    • SHA256

      d396f2e43eefa59a6a7c9763a8f01ca4af5a01302ea0e484935675af4ecd80de

    • SHA512

      d321453bd9764b5e6578f95fe633cac17b71799d793dfdee57dac85c38806aa60cd5b6063b5b029a3bae1f1282a282640a7c9bf5b7c137638bef3b0f58dd31ea

    • SSDEEP

      6144:3VIz6uFfiGA+tmO1THf+mPDhF4i0JvnsPFs2TM+TiX61/Oaa+qYr1QHAo:lI+6iGNgO1TH7PDqM6+T0CO1PYr1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks