General

  • Target

    28cba066c7043f64e14e63e10dff69d8f61966cb

  • Size

    379KB

  • Sample

    241110-pxgefaxcpd

  • MD5

    b56827c1ada1c9f350fe2e667769aad3

  • SHA1

    28cba066c7043f64e14e63e10dff69d8f61966cb

  • SHA256

    669a952a4a5f8821e254bdccbbce21eee6f8b67e2fe8dfe551906236ae8ede57

  • SHA512

    8a8fd3c1209161d69ae48a887fd442ab7ac10ead5d28694b874285f493fe89956c75ea81512ad35084ad6c9818b8a1252ee63c4c9c3bdfc13dd2e2c0ce98a631

  • SSDEEP

    6144:G/TWYmDe5jq4OBP8c233ctnJKm0LP/y5/I7OOVkzvB/xKBzqLQdfTYXO5D3rfMHb:G/TWa5jqhBPn233ctn4r/5rVkzwqwf8v

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      28cba066c7043f64e14e63e10dff69d8f61966cb

    • Size

      379KB

    • MD5

      b56827c1ada1c9f350fe2e667769aad3

    • SHA1

      28cba066c7043f64e14e63e10dff69d8f61966cb

    • SHA256

      669a952a4a5f8821e254bdccbbce21eee6f8b67e2fe8dfe551906236ae8ede57

    • SHA512

      8a8fd3c1209161d69ae48a887fd442ab7ac10ead5d28694b874285f493fe89956c75ea81512ad35084ad6c9818b8a1252ee63c4c9c3bdfc13dd2e2c0ce98a631

    • SSDEEP

      6144:G/TWYmDe5jq4OBP8c233ctnJKm0LP/y5/I7OOVkzvB/xKBzqLQdfTYXO5D3rfMHb:G/TWa5jqhBPn233ctn4r/5rVkzwqwf8v

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks