General

  • Target

    3629387c7aa32a1b847b1429a71ccf55

  • Size

    208KB

  • Sample

    241111-mzxhbs1rfj

  • MD5

    3629387c7aa32a1b847b1429a71ccf55

  • SHA1

    2821003c17794103d213f0eb2dbecb4f20bf9f74

  • SHA256

    2eb14db60f4fa643f23d6e8ffd51e81c12c6b86ba5a026621687db4bf641b9f0

  • SHA512

    937a479485f91b97f660fb053ecc01889c5c9260a32d69b5c36b1bfee42fac250d136341b1ec8a4b75c8b45830a3c93797e0888fdde7c4a3831e092df5c95d68

  • SSDEEP

    3072:D5Vw/aGhNIhegGSdqRBKNMM6RR2Ugwetho7z6pg+2Bv:DA/KUg9gfKKYthKeo

Malware Config

  • Extracted

  • Family

    redline

  • Botnet

    RuzkiUNIKALNO

  • C2

    193.233.48.58:38989

  • Attributes

    • auth_value

      c504b04cfbdd4bf85ce6195bcb37fba6
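The hashes in the General block and the C2 endpoint in the extracted config are the indicators a responder would actually pivot on. The script below is an added example, not part of the sandbox report or of any RedLine tooling: it copies those indicators from the report, hashes a candidate file with the same four algorithms, and scans firewall-style log lines for connections to the C2. The log line format and the log contents are constructed here for the example; the report shows no logs.

```python
"""Match the hashes and C2 endpoint from the report above against local data.

Added example; not part of the sandbox report. The indicator values are copied
from the report, the file contents and log lines are constructed here.
"""
import hashlib
import re
import sys

# Indicators copied from the report (sample 241111-mzxhbs1rfj).
REPORT_IOCS = {
    "md5": "3629387c7aa32a1b847b1429a71ccf55",
    "sha1": "2821003c17794103d213f0eb2dbecb4f20bf9f74",
    "sha256": "2eb14db60f4fa643f23d6e8ffd51e81c12c6b86ba5a026621687db4bf641b9f0",
    "sha512": "937a479485f91b97f660fb053ecc01889c5c9260a32d69b5c36b1bfee42fac250d"
              "136341b1ec8a4b75c8b45830a3c93797e0888fdde7c4a3831e092df5c95d68",
    "c2_host": "193.233.48.58",
    "c2_port": 38989,
}
HASH_ALGS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Hash a byte string with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in HASH_ALGS}


def match_hashes(hashes: dict, iocs: dict = REPORT_IOCS) -> list:
    """Return the algorithms whose digest equals the report's value.

    A match on any one algorithm is an exact-sample hit; a mismatch only
    means this is not byte-identical to the analysed file.
    """
    return [alg for alg in HASH_ALGS if hashes.get(alg, "").lower() == iocs[alg]]


# Assumed log format (constructed for this example): key=value fields with
# dst as ip:port. Adapt the pattern to whatever your firewall or proxy emits.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>[\d.]+):(?P<dport>\d+)"
)


def find_c2_connections(log_lines, iocs: dict = REPORT_IOCS) -> list:
    """Report every connection to the C2 host.

    Each hit records whether the port also matched. Connections to the host on
    another port are still returned, since the report pins one port only and a
    host-only match is still worth a look; the caller can filter on "exact".
    """
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m.group("dst") != iocs["c2_host"]:
            continue
        hits.append({
            "ts": m.group("ts"),
            "src": m.group("src"),
            "dport": int(m.group("dport")),
            "exact": int(m.group("dport")) == iocs["c2_port"],
        })
    return hits


# Constructed log lines for the example (not from the report).
CONSTRUCTED_LOGS = [
    "2024-11-11T10:01:02Z src=10.0.0.15:51234 dst=193.233.48.58:38989 proto=tcp",
    "2024-11-11T10:01:05Z src=10.0.0.15:51240 dst=1.1.1.1:443 proto=tcp",
    "2024-11-11T10:03:44Z src=10.0.0.22:49811 dst=193.233.48.58:38989 proto=tcp",
    "2024-11-11T10:04:00Z src=10.0.0.22:49812 dst=193.233.48.58:443 proto=tcp",
]


if __name__ == "__main__":
    # Usage: python ioc_check.py [file_to_hash]
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            hit = match_hashes(compute_hashes(fh.read()))
        print(f"{sys.argv[1]}: {'MATCH on ' + ','.join(hit) if hit else 'no hash match'}")
    for h in find_c2_connections(CONSTRUCTED_LOGS):
        tag = "C2 (exact port)" if h["exact"] else "C2 host, other port"
        print(f"{h['ts']} {h['src']} -> :{h['dport']}  {tag}")
```

Hash matching only catches the exact file from the report; a repacked build of the same stealer will hash differently, which is what the SSDEEP value in the report is for (fuzzy comparison needs the ssdeep library and is not shown here). The C2 match is the more durable indicator of the two, which is why the example flags traffic to the host even when the port differs.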

Targets

    • Target

      3629387c7aa32a1b847b1429a71ccf55

    • Size

      208KB

    • MD5

      3629387c7aa32a1b847b1429a71ccf55

    • SHA1

      2821003c17794103d213f0eb2dbecb4f20bf9f74

    • SHA256

      2eb14db60f4fa643f23d6e8ffd51e81c12c6b86ba5a026621687db4bf641b9f0

    • SHA512

      937a479485f91b97f660fb053ecc01889c5c9260a32d69b5c36b1bfee42fac250d136341b1ec8a4b75c8b45830a3c93797e0888fdde7c4a3831e092df5c95d68

    • SSDEEP

      3072:D5Vw/aGhNIhegGSdqRBKNMM6RR2Ugwetho7z6pg+2Bv:DA/KUg9gfKKYthKeo

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks