General

  • Target

    8ed939591a3b833e00715220bec1955d1e789b168715589ad9c66789835b3b8e

  • Size

    252KB

  • Sample

    241111-d6x8rssbjk

  • MD5

    3ad02f9825357340c0f0e1b152191267

  • SHA1

    631fb3e273dc46fa064b15986e302caae1cd0bf1

  • SHA256

    8ed939591a3b833e00715220bec1955d1e789b168715589ad9c66789835b3b8e

  • SHA512

    97ce19e4c82ffa662215799300be0d7a764f938bc3339d0a54f446da5eb5202a51fae4dc7c0ef8a523d9f1b4942d6073a02d272de508eea100eba102c132a814

  • SSDEEP

    6144:pV142+eMovC0lds9tN7Z8AqOauWJgtkePhz0k9EKVpO9C:pV1JBMgTotNivJePhz0wF/O9C

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      191ad88ab4da478d477fb67fab4e59fe02f8b7fcea09bbb3a21ade67daa09d21

    • Size

      385KB

    • MD5

      2635461504b92c1bd8a1f7bf9918f2e6

    • SHA1

      3856ab7b5e82009fa18e7d576af1b5a4f1a9ce18

    • SHA256

      191ad88ab4da478d477fb67fab4e59fe02f8b7fcea09bbb3a21ade67daa09d21

    • SHA512

      95d4c3c26c40e2899a52ac6f480055f99a77993f956807d702b6a8473dff9db07cfd36fdd7b2d174e13c23dbfb3243dbe323062992585598902fac0d7da46c72

    • SSDEEP

      6144:fpm3AV2cusVtN7Z8AqOauWZgtkeJhz0kfCaHaC3Bm:fpmQV2c9tNivZeJhz0sjHzB

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks