General

  • Target: f4376e0b4c590862b34304d725c16a17b749ce5bced2c67f4e7014b61b36b2c2
  • Size: 400KB
  • Sample: 241110-pkxkwswlet
  • MD5: 88673441cff46dc4681b70d364dbffb4
  • SHA1: 36cd4b1fa7c9c529da198d655ba2772a8f83e356
  • SHA256: f4376e0b4c590862b34304d725c16a17b749ce5bced2c67f4e7014b61b36b2c2
  • SHA512: 075dd9e6c590d591c95f6d868f0a34e6f6d52d4f3132e763ee697283d8627bf5feb219b1f11bc947859a8e9aa346f9b194ed93eebd5dbd2fba4a37b8b036da77
  • SSDEEP: 12288:ETxsMDr+c0PHGqkN9X6CFbZ9EPGvWuMwLpDtdy:iscbYmqkb6onvJJpDG

Malware Config

Extracted

  • Family: redline
  • Botnet: RuzkiUNIKALNO
  • C2: 193.233.48.58:38989
  • Attributes
    • auth_value: c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15