General

  • Target

    0f7b6037afdc508b17dd99eb1610ef49

  • Size

    314KB

  • Sample

    231230-fqb2psagfn

  • MD5

    0f7b6037afdc508b17dd99eb1610ef49

  • SHA1

    44b0f219a9109400b08d8645fa4abca53bea0ede

  • SHA256

    a17d32cc61b54b318b29d3d89ef9fd4f925cb828b2510b3c411bfb0e9f2c8637

  • SHA512

    8b7528da9a74d25137d513b0ac9b85003fbee5c706cf466109e7f62855d91d4fd72c816b60bb7f30d22dd835a906383dfca977af1f91554b8f4bab275ccccea7

  • SSDEEP

    6144:ue30UkkCp5wJr2s2Tsp2HODPIgLO0F5SBU/QE5TmGSXDoevju8:t0FkCp5wJEowOzO0TpXwdDNvR

Malware Config

Extracted

  • Family

    redline

  • Botnet

    test

  • C2

    193.56.146.78:51487
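The hashes in the General section and the extracted C2 endpoint above are the two indicators a practitioner actually uses from this report. The script below is an added example (not part of the sandbox report or its tooling) that turns them into two checks: confirming that a file on disk is this exact sample, and finding connections to the configured C2 in Zeek-style conn.log records. The hash values and the IP:port are copied from the report; the conn.log lines are constructed for the example. Two caveats the code encodes: SHA-256 is the digest that decides a match (MD5 and SHA-1 are collision-prone), and because the C2 is a bare IP:port, a DNS-based rule would never fire, while a match on the IP alone is a weaker signal than the full ip:port pair.

```python
import hashlib

# Indicators copied verbatim from the report above.
SAMPLE_HASHES = {
    "md5": "0f7b6037afdc508b17dd99eb1610ef49",
    "sha1": "44b0f219a9109400b08d8645fa4abca53bea0ede",
    "sha256": "a17d32cc61b54b318b29d3d89ef9fd4f925cb828b2510b3c411bfb0e9f2c8637",
    "sha512": "8b7528da9a74d25137d513b0ac9b85003fbee5c706cf466109e7f62855d91d4fd72c816b60bb7f30d22dd835a906383dfca977af1f91554b8f4bab275ccccea7",
}
C2_IP = "193.56.146.78"
C2_PORT = 51487


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of data in a single pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path) -> dict:
    """Stream a file through all four hashers without reading it whole."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matching_algorithms(digests: dict) -> list:
    """List the report hashes that a digest set agrees with."""
    return [name for name, value in SAMPLE_HASHES.items()
            if digests.get(name, "").lower() == value]


def is_known_sample(digests: dict) -> bool:
    """Decide on SHA-256 only; an MD5 or SHA-1 match alone is not proof."""
    return digests.get("sha256", "").lower() == SAMPLE_HASHES["sha256"]


# Constructed Zeek conn.log-style TSV (not from the report). Columns:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
SAMPLE_CONN_LOG = """\
1703900001.123\tCabc1\t10.0.0.15\t49812\t193.56.146.78\t51487\ttcp
1703900002.456\tCabc2\t10.0.0.15\t49813\t142.250.74.46\t443\ttcp
1703900003.789\tCabc3\t10.0.0.22\t51487\t10.0.0.1\t53\tudp
1703900004.000\tCabc4\t10.0.0.22\t50100\t193.56.146.78\t443\ttcp
"""


def find_c2_connections(log_text: str, ip: str = C2_IP, port: int = C2_PORT,
                        ip_only: bool = False) -> list:
    """Return records whose responder is the C2 endpoint.

    With ip_only=False only an exact ip:port match counts: the third
    sample line merely reuses 51487 as a source port and the fourth talks
    to the C2 host on 443, so neither is returned. ip_only=True relaxes
    the rule to the host alone, which also catches the fourth line at
    lower confidence.
    """
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
        if resp_h != ip:
            continue
        if ip_only or int(resp_p) == port:
            hits.append({"ts": ts, "uid": uid,
                         "src": f"{orig_h}:{orig_p}", "dst": f"{resp_h}:{resp_p}",
                         "proto": proto})
    return hits


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print("C2 beacon:", hit)
```

To verify a file, call `is_known_sample(hash_file("path/to/sample"))`; `matching_algorithms` is there to spot the partial-match case where only MD5 agrees, which is worth treating as suspicious rather than confirmed.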

Targets

    • Target

      0f7b6037afdc508b17dd99eb1610ef49

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks