General

  • Target

    b40bd43d846ffa4bc00e9b857d702b72e640b6bd

  • Size

    353KB

  • Sample

    241110-tsnp6szlev

  • MD5

    44a8a15a5dfdd7deb43fa891f17153d7

  • SHA1

    b40bd43d846ffa4bc00e9b857d702b72e640b6bd

  • SHA256

    4c9c616f66deb2aab32594f5f7a506e878ea656dbd5188e5a24ec35968c1effe

  • SHA512

    e6e5a024c6917b43cc3ca6ce25457a99822e71ea7a2c6a0bb4ef76b32be372edd20a4e23da99deadf9ad5658c160b3206f7f54bf71b900c0226a050c58ed229f

  • SSDEEP

    6144:ndjk8KtaDjBVJB6e5by8dyZKwk+ypyVNLP29QkwZUhGT+XFRI9r5a7QosPw2o4:djkVaDjBVJB6jgyZ4+ypyLP29QBKX0zQ

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks