General

  • Target

    1d6618ca6576ca8e08d5c626573063f81f7464aa

  • Size

    352KB

  • Sample

    241110-yts4haxlbk

  • MD5

    9cdca15e43dccac1622ed880deff1c91

  • SHA1

    1d6618ca6576ca8e08d5c626573063f81f7464aa

  • SHA256

    f9eebf3beb0177acf8c1b9fdb19dd0e7614aa5d3783c5950a63585f17be3af4a

  • SHA512

    087f10dc16a7b45d90c5e48668e05914d4a68712a08fb90c16803a1a316a6bf538c770fc602dd4c477ca034ff50959e7aab3931e1ed79ae24e3ee7a2fdccefb9

  • SSDEEP

    6144:DBPk6qtqDxx6kILC8NFcqF5G6LZBazTv6XStls2VeHiDjbjIMQVY5CcsiU:dPkHqDxx6uQFcq/G6LZkaitlskDnjIt7

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      1d6618ca6576ca8e08d5c626573063f81f7464aa

    • Size

      352KB

    • MD5

      9cdca15e43dccac1622ed880deff1c91

    • SHA1

      1d6618ca6576ca8e08d5c626573063f81f7464aa

    • SHA256

      f9eebf3beb0177acf8c1b9fdb19dd0e7614aa5d3783c5950a63585f17be3af4a

    • SHA512

      087f10dc16a7b45d90c5e48668e05914d4a68712a08fb90c16803a1a316a6bf538c770fc602dd4c477ca034ff50959e7aab3931e1ed79ae24e3ee7a2fdccefb9

    • SSDEEP

      6144:DBPk6qtqDxx6kILC8NFcqF5G6LZBazTv6XStls2VeHiDjbjIMQVY5CcsiU:dPkHqDxx6uQFcq/G6LZkaitlskDnjIt7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks