General

  • Target

    59515d2b08f264befaeb3beef281c5abd4bb64e20a0d1e426c5954efaeee6871

  • Size

    423KB

  • Sample

    241110-qs1sysxjgy

  • MD5

    4888b390d38db1b6abff9fa3ab8564b5

  • SHA1

    9be76f8de9cfce38c9d31e9365c1c4997cc98bc7

  • SHA256

    59515d2b08f264befaeb3beef281c5abd4bb64e20a0d1e426c5954efaeee6871

  • SHA512

    54400caa6e1589f133685c7abd7c05433552954d3c53752abdbf87e46ec71b5f960e9d85102683192716f339447b3dc96f49db5d21711d1bd289c7b227d303b8

  • SSDEEP

    12288:hF2vwqcFXzdsnS6xCiyXAGLMYQHtpM2y7j:hF2XQeS6xCVbMF82q

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6
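Added example, not part of the sandbox report: the extracted config above gives a single C2 endpoint (IP and port) and a botnet name, which is exactly what a SOC turns into detection. The Python below takes those values from the report, emits a Suricata rule for the C2 (the `sid` is an arbitrary value you would replace with one from your local range), and scans Zeek-style JSON `conn.log` records for connections to the C2. The three log lines are constructed for illustration and did not come from the sandbox run; the `strict=False` mode is an assumption on my part that you would also want to see other ports on the same C2 host.

```python
from __future__ import annotations

import ipaddress
import json
from typing import Iterable

# Indicators copied from the "Malware Config" section of the report above.
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "RuzkiUNIKALNO",
    "c2": "193.233.48.58:38989",
    "auth_value": "c504b04cfbdd4bf85ce6195bcb37fba6",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'ip:port' into (ip, port); raises ValueError if ip is not a literal address."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)  # validate; rejects hostnames and junk
    return host, int(port)


def suricata_rule(config: dict, sid: int) -> str:
    """Build a Suricata/Snort rule for outbound TCP to the extracted C2.
    The sid is hypothetical; use one from your own reserved range."""
    ip, port = parse_c2(config["c2"])
    return (
        f"alert tcp $HOME_NET any -> {ip} {port} "
        f'(msg:"RedLine Stealer C2 traffic (botnet {config["botnet"]})"; '
        f"flow:to_server,established; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


def find_c2_connections(conn_log_lines: Iterable[str], config: dict,
                        strict: bool = True) -> list[dict]:
    """Return Zeek conn.log (JSON) records whose responder matches the C2.
    strict=True requires ip AND port; strict=False matches the ip on any port."""
    ip, port = parse_c2(config["c2"])
    hits = []
    for line in conn_log_lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        if rec.get("id.resp_h") != ip:
            continue
        if strict and rec.get("id.resp_p") != port:
            continue
        hits.append(rec)
    return hits


# Constructed Zeek conn.log lines for the demo (not real telemetry).
# C2 = beacon to the reported C2 ip:port; C3 = same host, different port.
SAMPLE_CONN_LOG = """
{"ts":1731232200.1,"uid":"C1","id.orig_h":"10.0.0.5","id.orig_p":51234,"id.resp_h":"142.250.74.46","id.resp_p":443,"proto":"tcp"}
{"ts":1731232201.3,"uid":"C2","id.orig_h":"10.0.0.5","id.orig_p":51235,"id.resp_h":"193.233.48.58","id.resp_p":38989,"proto":"tcp"}
{"ts":1731232202.0,"uid":"C3","id.orig_h":"10.0.0.7","id.orig_p":51236,"id.resp_h":"193.233.48.58","id.resp_p":80,"proto":"tcp"}
"""

if __name__ == "__main__":
    print(suricata_rule(REDLINE_CONFIG, sid=9000001))
    for rec in find_c2_connections(SAMPLE_CONN_LOG.splitlines(), REDLINE_CONFIG):
        print("C2 hit:", rec["uid"], rec["id.orig_h"], "->", rec["id.resp_h"], rec["id.resp_p"])
```

The IP:port pair is the weakest kind of indicator (the operator can move the panel at any time), so treat the rule as a short-lived hunting aid rather than a durable signature, and pivot on the `auth_value` and botnet name when correlating with other RedLine configs.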

Targets

    • Target

      59515d2b08f264befaeb3beef281c5abd4bb64e20a0d1e426c5954efaeee6871

    • Size

      423KB

    • MD5

      4888b390d38db1b6abff9fa3ab8564b5

    • SHA1

      9be76f8de9cfce38c9d31e9365c1c4997cc98bc7

    • SHA256

      59515d2b08f264befaeb3beef281c5abd4bb64e20a0d1e426c5954efaeee6871

    • SHA512

      54400caa6e1589f133685c7abd7c05433552954d3c53752abdbf87e46ec71b5f960e9d85102683192716f339447b3dc96f49db5d21711d1bd289c7b227d303b8

    • SSDEEP

      12288:hF2vwqcFXzdsnS6xCiyXAGLMYQHtpM2y7j:hF2XQeS6xCVbMF82q

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks