General

  • Target

    549d13312cefa7ec561948aaefca954e

  • Size

    248KB

  • Sample

    240111-z79tvahfd9

  • MD5

    549d13312cefa7ec561948aaefca954e

  • SHA1

    cdcd213c2ca5bfb5e054fea3cc5528f211b0f3a5

  • SHA256

    3edf09675c8b5f71e38f659f50e7cbb5025cef595297424b0e553373312e6b5e

  • SHA512

    516004519ccd2c2157313183adb62bf36bb07087983e2c48c3300284f8785c73c56de7e3934f4fa0d7cb96d3b84e706c0c08237c924e3bdf2aa2a80a91a5fa2e

  • SSDEEP

    3072:HsPpNOcdTtX2i57fPLMoGrYKlj9z8FFp0JxXcRB43V4LtwRWmQzgFnLmx:n4TtX2cWrYKj9gLp0J2oV4LFmSgFnL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    mix21.08

  • C2

    45.14.49.246:18015

Targets

    • Target

      549d13312cefa7ec561948aaefca954e

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
