General

  • Target

    098f04f508701ee1b926f28acd920df6c57bead911c24b3e731a579302699ea1

  • Size

    272KB

  • Sample

    241110-pcn9jswfnk

  • MD5

    5240ed3d257c6bf522f165edc2031d92

  • SHA1

    90e42037ee054c8e232af7d1a4b51dfe4f882506

  • SHA256

    098f04f508701ee1b926f28acd920df6c57bead911c24b3e731a579302699ea1

  • SHA512

    fb25784904d584d231d90a541cab975aa58bc3921d79b2783182e6797605f04da4fbf226a7606a4f86734161024a5d367e5e16e32d534f7c469c45c9bce7ad93

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      098f04f508701ee1b926f28acd920df6c57bead911c24b3e731a579302699ea1

    • Size

      272KB

    • MD5

      5240ed3d257c6bf522f165edc2031d92

    • SHA1

      90e42037ee054c8e232af7d1a4b51dfe4f882506

    • SHA256

      098f04f508701ee1b926f28acd920df6c57bead911c24b3e731a579302699ea1

    • SHA512

      fb25784904d584d231d90a541cab975aa58bc3921d79b2783182e6797605f04da4fbf226a7606a4f86734161024a5d367e5e16e32d534f7c469c45c9bce7ad93

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks