General

  • Target: 5e8e7a4ff6e3b3e706ef66fcfd78d046
  • Size: 441KB
  • Sample: 241111-hec6qsvcrm
  • MD5: 5e8e7a4ff6e3b3e706ef66fcfd78d046
  • SHA1: b555e481d94c6d69624f9e08057edc2fd9237bd1
  • SHA256: 1e044ac517ae17927b88897a4397dcb100a848ba67c36fd970d8db52f7c3eab9
  • SHA512: 3b0c90cab90aef4d16712fe9cb147e803283b41c8512ce22f579fd23bc5c6388afee7ea8e31328de8a8b8473517d548a261d0880b28ea3e5c867bb1ce78336ef
  • SSDEEP: 6144:xU97KvNeHv4Kg3tQ5hMW03jEhH4fayeu0zNuzbgwuO0RZNrWwVfT:xU5KvNeP/gCGEhH4ChxunnwRZN

Malware Config

Extracted

  • Family: redline
  • Botnet: RuzkiUNIKALNO
  • C2: 193.233.48.58:38989
  • Attributes
      • auth_value: c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family
