General

  • Target

    08765647e0a4fd65da336d0402f3b565

  • Size

    340KB

  • Sample

    231230-ap6xssbac4

  • MD5

    08765647e0a4fd65da336d0402f3b565

  • SHA1

    e12292d3cf7e2675406e501e394ae281de8a2fc8

  • SHA256

    87a5547b773ce38ab5447ad9f5eb2b61cd7b6b954e090fa54c2604a4ea8a6127

  • SHA512

    9f57cd72b0a4c567a7317895062cd198312983ab97b5431ab313e5ac9fe86d6ea0e4271383dd92bb0b046d3a1d8e4bdf031efcb9729aa792314ba682671c5fe0

  • SSDEEP

    6144:Lo3JsmrX+zuU6Ak/pf4szG+smy501+sqvnAYcZz/s/JNt9z:eemrX+CUI/Z48ue1+sqvnA/z/sBZ

Malware Config

Extracted

Family

redline

C2

193.38.55.57:7575

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
