General

  • Target

    55423dd14de3b8fe7aa890fe36f3c0f5

  • Size

    115KB

  • Sample

    240112-c5bspsdbem

  • MD5

    55423dd14de3b8fe7aa890fe36f3c0f5

  • SHA1

    285ea732bf9f47663f3677352d214202f9f36565

  • SHA256

    925d9f40e60f2aea7efb587cafe11c03fae0553a07369603f677757ecd5f7ae1

  • SHA512

    393ce88d3edd0c59822926e1dc02d1fc6a17877337065e1a3baac545e39bc3ff1cd5eb04e84d32918f9af2691c0392522d70fcfbb3337eecde373fa85d4de35b

  • SSDEEP

    3072:Gi86AdWdpUyefaQzHu63NuTyddesvcakbKF:V7AdYpFezJSy/7kbK

Malware Config

Extracted

Family

redline

Botnet

CHEAT0408

C2

109.248.11.56:49166

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
