General

  • Target

    19930f3c6bd803abab3f5f77abcdc9a3

  • Size

    418KB

  • Sample

    241111-l9sfpaxkfs

  • MD5

    19930f3c6bd803abab3f5f77abcdc9a3

  • SHA1

    5ee693f85f5a8664bdad3f75954c6fcd88236e6b

  • SHA256

    fa05558c84feb83e402832c0b8df88440801c58f7716974c8cc874c4d15e318a

  • SHA512

    42c2dc1b8bbbd0168a4c8e28aa6548e2808a6dd5a8af225b7250ec5fa3be91d63f27552c6551c824d22e35fb796645c25ba2e7836a61f7e47be9c60bb8c5e1a1

  • SSDEEP

    12288:oVcK2oxYYYjXjq3o3S400aGcBbbPGI5tQ79:oVWoxYYYjXm4i/TGcBbb+I3a

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RuzkiUNIKALNO

  • C2

    193.233.48.58:38989

  • Attributes

    • auth_value

      c504b04cfbdd4bf85ce6195bcb37fba6

Targets

    • Target

      19930f3c6bd803abab3f5f77abcdc9a3

    • Size

      418KB

    • MD5

      19930f3c6bd803abab3f5f77abcdc9a3

    • SHA1

      5ee693f85f5a8664bdad3f75954c6fcd88236e6b

    • SHA256

      fa05558c84feb83e402832c0b8df88440801c58f7716974c8cc874c4d15e318a

    • SHA512

      42c2dc1b8bbbd0168a4c8e28aa6548e2808a6dd5a8af225b7250ec5fa3be91d63f27552c6551c824d22e35fb796645c25ba2e7836a61f7e47be9c60bb8c5e1a1

    • SSDEEP

      12288:oVcK2oxYYYjXjq3o3S400aGcBbbPGI5tQ79:oVWoxYYYjXm4i/TGcBbb+I3a

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks