General

  • Target

    c6453d4a1383efd1a6415ec86d9cc84ace367b54

  • Size

    441KB

  • Sample

    241111-hk9f5aylaq

  • MD5

    1deee1f15a616bffe711eb0d4f377022

  • SHA1

    c6453d4a1383efd1a6415ec86d9cc84ace367b54

  • SHA256

    3c371a1cc586144cc51f650c07002de2b2df9041c866920155a7b9f65c77f69e

  • SHA512

    6bebaac7d431b119074cc9dc4d90a900a2b45c1ad6df0a11b614c608eecce48596dadd4d678b6dd45feb8fe7246262eed3936cc096b3acda974a01e9fb9029f6

  • SSDEEP

    6144:nU9EKvNGNXUPhn6iyuCsSFaiEmKIR60RJcSeLuzbgwuO0RhSZnwVfT:nUeKvNGGPh6ix/SHKI3CnunnwRhk
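Before re-analysing a copy of this sample or acting on the extracted config, confirm that the file you hold reproduces every digest listed above; a single mismatch means you are looking at a different build, and its C2 may differ. The script below is an added example written for this page, not output of the sandbox or part of the report. It computes MD5, SHA1, SHA256 and SHA512 in one pass and names every algorithm that disagrees with the report. The file path is supplied on the command line; the byte string in the test is constructed and is not the real sample.

```python
import hashlib

# Digests exactly as listed in the "General" section of the report.
REPORT_HASHES = {
    "md5": "1deee1f15a616bffe711eb0d4f377022",
    "sha1": "c6453d4a1383efd1a6415ec86d9cc84ace367b54",
    "sha256": "3c371a1cc586144cc51f650c07002de2b2df9041c866920155a7b9f65c77f69e",
    "sha512": "6bebaac7d431b119074cc9dc4d90a900a2b45c1ad6df0a11b614c608eecce48596dadd4d678b6dd45feb8fe7246262eed3936cc096b3acda974a01e9fb9029f6",
}


def hash_digests(data) -> dict:
    """Compute all four report digests in one pass.

    `data` is either a bytes object or an iterable of bytes chunks, so large
    files can be streamed without loading them into memory.
    """
    chunks = [data] if isinstance(data, (bytes, bytearray)) else data
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_against_report(data, expected: dict) -> list:
    """Return the sorted names of algorithms whose digest does not match.

    An empty list means the bytes are the reported sample. Comparing all four
    digests guards against a report that was transcribed with one bad value.
    """
    actual = hash_digests(data)
    return sorted(
        name for name, want in expected.items() if actual[name] != want.lower()
    )


def verify_file(path: str, expected: dict = REPORT_HASHES, chunk_size: int = 1 << 20) -> list:
    """Stream a file from disk and verify it against the report digests."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return verify_against_report(chunks(), expected)


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-file>; exits 1 on any mismatch.
    mismatched = verify_file(sys.argv[1])
    if mismatched:
        print("MISMATCH on:", ", ".join(mismatched))
        sys.exit(1)
    print("All digests match the report.")
```

Run it against the quarantined file before extracting strings or detonating it yourself; if SSDEEP is also wanted, the fuzzy hash on the page is a separate comparison that needs the ssdeep library and is deliberately left out here.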

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes
  • auth_value

    c504b04cfbdd4bf85ce6195bcb37fba6
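The extracted config gives one network indicator worth acting on immediately: the C2 socket 193.233.48.58:38989. The code below is an added example for this page, not part of the sandbox report, showing how to turn that indicator into detection logic: it scans connection records for the C2 and emits a Suricata rule for it. The log lines are constructed test data in a trimmed Zeek conn.log column order (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto), not traffic from the sandbox run, and the rule sid is an arbitrary value chosen for the example.

```python
from dataclasses import dataclass

# Indicators as extracted from this sample's config ("Malware Config" above).
C2_HOST = "193.233.48.58"
C2_PORT = 38989
BOTNET = "RuzkiUNIKALNO"

# Constructed conn.log-style records (tab separated), not real sandbox traffic.
# Columns follow Zeek's conn.log order for the first seven fields.
SAMPLE_CONN_LOG = """\
1731320001.123\tCk1a\t10.0.0.15\t51234\t142.250.74.78\t443\ttcp
1731320004.456\tCk1b\t10.0.0.15\t51240\t193.233.48.58\t38989\ttcp
1731320009.789\tCk1c\t10.0.0.27\t49322\t193.233.48.58\t80\ttcp
1731320012.000\tCk1d\t10.0.0.15\t51251\t193.233.48.58\t38989\ttcp
"""


@dataclass
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    confidence: str  # "high" = exact host:port, "medium" = host on another port


def match_c2(conn_log: str, host: str = C2_HOST, port: int = C2_PORT) -> list:
    """Return every connection to the C2 host, graded by port match.

    An exact host:port match is what this sample was configured with; the same
    host on another port is still suspicious (panel operators move ports) but
    is reported at lower confidence rather than dropped.
    """
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue  # malformed record; a production parser should log it
        ts, _uid, src, _sport, dst, dport, _proto = fields[:7]
        if dst != host:
            continue
        try:
            dport_i = int(dport)
        except ValueError:
            continue
        confidence = "high" if dport_i == port else "medium"
        hits.append(Hit(ts, src, dst, dport_i, confidence))
    return hits


def suricata_rule(host: str = C2_HOST, port: int = C2_PORT,
                  botnet: str = BOTNET, sid: int = 9000001) -> str:
    """Build a Suricata rule for outbound connections to the C2 socket.

    sid is an assumed local value; pick one from your own local range.
    """
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine Stealer C2 {host}:{port} botnet {botnet}"; '
        f"flow:to_server,established; classtype:trojan-activity; "
        f"sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    for hit in match_c2(SAMPLE_CONN_LOG):
        print(f"{hit.ts} {hit.src} -> {hit.dst}:{hit.dport} [{hit.confidence}]")
    print(suricata_rule())
```

Treat the socket as a point-in-time indicator: commodity stealer panels are rehosted and re-ported frequently, so pair the IP rule with the sample hashes and the botnet name when hunting, and retire the network rule once the address stops resolving to RedLine infrastructure.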

Targets

    • Target

      c6453d4a1383efd1a6415ec86d9cc84ace367b54

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks