General

  • Target: 0a528439c12e9822060e4d470cfb2a72
  • Size: 98KB
  • Sample: 231224-wm4wbadcdl
  • MD5: 0a528439c12e9822060e4d470cfb2a72
  • SHA1: e3a1a423a179ec3ee494344091997329fb38dfb6
  • SHA256: 72b61f9477d238b49b75570dc71524ee1600169e1f0f7e1d20fcc4534b050f36
  • SHA512: bb513eecc49dd35337f945cc4b26b99afdcc7004ec28f3f43c9311c603517f454abad3d3dd7ee469c2007d4e6d5870eb6038754eab309e02aeda7f560bc650ac
  • SSDEEP: 1536:h3LNmocuV9hguGkYNYCsYYG1fKJFlsmbfexvWvvUyyedgw3bqCxXsEeG6ijoigW:hxmocYYNYHYXSJ/hgWvcyzdUSnZ

Malware Config

Extracted

  • Family: redline
  • Botnet: @design_stalkar
  • C2: 152.228.150.198:11188

Targets


    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks