General

  • Target

    76535f9672fef4e08b4d5ab51d21dd74

  • Size

    385KB

  • Sample

    231226-r2be4agcak

  • MD5

    76535f9672fef4e08b4d5ab51d21dd74

  • SHA1

    7e2569980f457c782897647516997c1cfeaed2c0

  • SHA256

    dee376d55553ad1514db1ee072bf85790f43dc6007ac95379648b3794bc82642

  • SHA512

    bc9caea0380c084ee805b4c47dd0a3913c72c403448604d5da103cbbf00b8c43c735deff79aa0769466ca1b184a9b16ec01ec84a6c8e89d87afff7858fbbe790

  • SSDEEP

    6144:6Cd8yACr4kr4VMvbYG3bv8u2qcpdDD3NrgYH8XwSncn58oeSn/JGWrg/WV:sTCr/UVMvb/vjiD75lMnY58oeSnsl

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks