General

  • Target

    d6b9844b58974e808afe6788170ccf9f49a4cebd5b76824987a4ad07cdf61464

  • Size

    272KB

  • Sample

    241110-qncwbsxjaz

  • MD5

    fea3c52b1d436fd9e86ff842f67bee33

  • SHA1

    5bd9146ffa3710ae60ac71dadae9556d5919118e

  • SHA256

    d6b9844b58974e808afe6788170ccf9f49a4cebd5b76824987a4ad07cdf61464

  • SHA512

    f2da300dd8eb859b7a2c8da0971dfa18ff625aa109069fb5c2e42a8c1bc595d0b25e81bcb073f80adea9e20ab60fd371d6945fc7d4d3b1dc0333508d2066e30a

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ruma

  • C2

    193.233.20.13:4136

Attributes

  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a
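The extracted configuration above is the part of this report a responder actually acts on: the C2 endpoint goes into network hunting and the sample digests go into endpoint hunting. The script below is an added example, not part of the sandbox report or of any RedLine tooling. It takes only the indicators listed in this report (the C2 host and port, the botnet name and the four digests); the Zeek-style conn.log excerpt and the file inventory it runs over are constructed for the example, and the field layout and helper names are the author's own assumptions.

```python
"""Turn the IOCs in the report above into a small hunt: match the RedLine C2
endpoint against Zeek-style conn.log records and match file digests against
the reported sample hashes.  Only the indicators come from the report; the
log excerpt and the file inventory below are constructed for this example."""
import hashlib
from typing import Dict, List, Tuple

# Indicators taken from the report above.
C2_HOST = "193.233.20.13"
C2_PORT = 4136
BOTNET = "ruma"
SAMPLE_HASHES = {
    "md5": "fea3c52b1d436fd9e86ff842f67bee33",
    "sha1": "5bd9146ffa3710ae60ac71dadae9556d5919118e",
    "sha256": "d6b9844b58974e808afe6788170ccf9f49a4cebd5b76824987a4ad07cdf61464",
    "sha512": "f2da300dd8eb859b7a2c8da0971dfa18ff625aa109069fb5c2e42a8c1bc595d0b25e81bcb073f80adea9e20ab60fd371d6945fc7d4d3b1dc0333508d2066e30a",
}

# Constructed Zeek-style conn.log excerpt (tab-separated, '#fields' header).
# Internal hosts, uids and timestamps are made up; the third record hits the
# C2 server on a port other than the reported one.
CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1731244800.10\tCabc1\t10.0.0.5\t49812\t193.233.20.13\t4136\ttcp\n"
    "1731244801.20\tCabc2\t10.0.0.5\t49813\t142.250.74.46\t443\ttcp\n"
    "1731244802.30\tCabc3\t10.0.0.9\t51000\t193.233.20.13\t80\ttcp\n"
    "1731244803.40\tCabc4\t10.0.0.7\t52000\t193.233.20.13\t4136\ttcp\n"
)

# Constructed endpoint inventory, shaped like an EDR hash export:
# {path: {algorithm: hexdigest}}.  Digest case varies on purpose.
INVENTORY = {
    r"C:\Users\victim\Downloads\setup.exe": {"SHA256": SAMPLE_HASHES["sha256"].upper()},
    r"C:\Windows\System32\notepad.exe": {"SHA256": hashlib.sha256(b"benign").hexdigest()},
}


def parse_conn_log(text: str) -> List[Dict[str, str]]:
    """Parse a Zeek-style TSV log with a '#fields' header into dicts."""
    fields: List[str] = []
    records: List[Dict[str, str]] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):
            continue  # other Zeek metadata lines (#separator, #types, ...)
        values = line.split("\t")
        if not fields or len(values) != len(fields):
            raise ValueError(f"malformed record: {line!r}")
        records.append(dict(zip(fields, values)))
    return records


def find_c2_connections(records: List[Dict[str, str]],
                        host: str = C2_HOST,
                        port: int = C2_PORT) -> List[Tuple[str, str, str]]:
    """Return (uid, source host, strength) for connections to the C2 server.

    'exact' means the reported ip:port; 'host-only' means the same IP on
    another port, a weaker hit that is still worth triaging."""
    hits = []
    for rec in records:
        if rec["id.resp_h"] != host:
            continue
        strength = "exact" if int(rec["id.resp_p"]) == port else "host-only"
        hits.append((rec["uid"], rec["id.orig_h"], strength))
    return hits


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, as lower-case hex."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def is_known_sample(digests: Dict[str, str]) -> bool:
    """True if any supplied digest equals the report's value for that algorithm.
    Algorithm names and hex case are normalised so EDR exports match."""
    return any(SAMPLE_HASHES.get(algo.lower()) == value.lower()
               for algo, value in digests.items())


def triage_inventory(inventory: Dict[str, Dict[str, str]]) -> List[str]:
    """Return the inventory paths whose digests match the reported sample."""
    return [path for path, digests in inventory.items() if is_known_sample(digests)]


if __name__ == "__main__":
    for uid, src, strength in find_c2_connections(parse_conn_log(CONN_LOG)):
        print(f"{strength:9s} {uid} {src} -> {C2_HOST} (botnet {BOTNET})")
    for path in triage_inventory(INVENTORY):
        print("sample present:", path)
```

The host-only match is reported separately rather than dropped: a different port on the same server is not proof of the RedLine C2, but an analyst would want to see it before deciding the host is clean.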

Targets

    • Target

      d6b9844b58974e808afe6788170ccf9f49a4cebd5b76824987a4ad07cdf61464

    • Size

      272KB

    • MD5

      fea3c52b1d436fd9e86ff842f67bee33

    • SHA1

      5bd9146ffa3710ae60ac71dadae9556d5919118e

    • SHA256

      d6b9844b58974e808afe6788170ccf9f49a4cebd5b76824987a4ad07cdf61464

    • SHA512

      f2da300dd8eb859b7a2c8da0971dfa18ff625aa109069fb5c2e42a8c1bc595d0b25e81bcb073f80adea9e20ab60fd371d6945fc7d4d3b1dc0333508d2066e30a

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wig:B6jodYx9cYKpzwAAh3nz

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests saved browser credentials, cookies, autofill data, cryptocurrency wallet files and host information and sends them to its C2 server.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks