General

  • Target

    11821df0179e7acadb1226ffb045b8cf

  • Size

    100KB

  • Sample

    231230-hnkxyahed9

  • MD5

    11821df0179e7acadb1226ffb045b8cf

  • SHA1

    fd30b6b8fb5250d3816922b58b2921e7f6f8b473

  • SHA256

    6d807d0723b2a5cc11bb2f7e83b678cfd9f981c17dc9fa32d6c79aa42dfd31bd

  • SHA512

    3aa6a4f81636fbac9c19bc0fb451cd9241376e53b8d68ce0a0d56f841c0d4662fe566e2ef97ddf968120a29c880821cbb1679596f43774920fdae630afd58532

  • SSDEEP

    1536:Bm386AEAlBxdBBMWB/LgdS/4aQzd7hgbue7v5uvByAsdNDi1xQeTEyG6WAaoigY:Bi86AdzzaaQzda35uJydd0svAo

Malware Config

Extracted

  • Family

    redline

  • Botnet

    abobi isid

  • C2

    209.250.247.73:64156

Targets

    • Target

      11821df0179e7acadb1226ffb045b8cf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
