General

  • Target

    1034df60f4823558fa3a7357066b5198

  • Size

    264KB

  • Sample

    231230-gcr2fafafn

  • MD5

    1034df60f4823558fa3a7357066b5198

  • SHA1

    6fe05b5cd78822334561591a99a2a728149cbe59

  • SHA256

    aba08bc5be45eec261c5aa56eceffb02b90fbbd6ec8fd25262ff8c240f1549cc

  • SHA512

    9bb457869342cd1fd6dbd62108afa7a4dcc541925de9dfd7ce0265c460363e477ee782df0da8df98604e6481f799930ee223e30f2698119859ebcbf628b1a2fb

  • SSDEEP

    3072:h/7nwVUSNP6fQbpsEAt98LrvFQbkn4sFs8DOUjrCgMbpStwbBNQRfRB6OAKT0yBd:1WgUpsl98H94utSvvtSAs6W

Malware Config

Extracted

  • Family

    redline

  • C2

    185.215.113.29:8889

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
