General

  • Target

    411ca7ba89ae45e92f9ed4663f903335

  • Size

    107KB

  • Sample

    240104-rwlc4scff2

  • MD5

    411ca7ba89ae45e92f9ed4663f903335

  • SHA1

    6360b07844800b8e6e6e2b11ee3c8d051c4a2e96

  • SHA256

    6780a257463d037daff9f626aecee2347177edfb0851ee12d33ba225ab38f009

  • SHA512

    bfd58e96af22f17fab2cff4b360d79621b738128c61f01420963a1119d27320eb97a64fef42819e9ea7ffab39289f19b82f8911e227236435a87151d55d9e754

  • SSDEEP

    1536:Kt9pmqnRshOY9YWdO0VZs5WCict0nii+jbuqGdTnQuyq+dR+vdDjEmG6qTaoigi:YfRshZ9Ya7/s5WCi30GTn3yjdR0Yry

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @soul3ss

  • C2

    188.130.139.12:30376

Targets

    • Target

      411ca7ba89ae45e92f9ed4663f903335

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
