General

  • Target

    337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea

  • Size

    420KB

  • Sample

    241111-dx8m5sscka

  • MD5

    24654df971e40e5e18d37788fc77e747

  • SHA1

    99b5da87ee43947240823b3f94cf4c15b6c32a91

  • SHA256

    337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea

  • SHA512

    5db40781b5a4e27ffa984c9023cffd2489899faba05438f7629c96bc8ebda976c108ca1ad039bf905b4c1266741847c1ad80fbac8ed5376dea032d961ed6311c

  • SSDEEP

    6144:YVoV+aKItjk+d9p0zrEaGNhpcZd8h9TIDxowhGIB64trXBXHWy2hi37nTOunhQiQ:JV+kAm70zYaGWdCB0mq2y2hi3HDuS27

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea

    • Size

      420KB

    • MD5

      24654df971e40e5e18d37788fc77e747

    • SHA1

      99b5da87ee43947240823b3f94cf4c15b6c32a91

    • SHA256

      337a22a21cb99f647b851c837185cc30449b904d3fad800220e4ce7d3cf73eea

    • SHA512

      5db40781b5a4e27ffa984c9023cffd2489899faba05438f7629c96bc8ebda976c108ca1ad039bf905b4c1266741847c1ad80fbac8ed5376dea032d961ed6311c

    • SSDEEP

      6144:YVoV+aKItjk+d9p0zrEaGNhpcZd8h9TIDxowhGIB64trXBXHWy2hi37nTOunhQiQ:JV+kAm70zYaGWdCB0mq2y2hi3HDuS27

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks