General

  • Target

    553b4d54bdbce6e4b4396e0f0baaa60f

  • Size

    100KB

  • Sample

    240112-cwywwadaak

  • MD5

    553b4d54bdbce6e4b4396e0f0baaa60f

  • SHA1

    9ec803e209fee135233e6bc8e720fd9bdd67803a

  • SHA256

    97d79d7781e8431e76d4e8c7e0bd67dcf759c350799108ec8030ebb1291e8a4b

  • SHA512

    91405022c9ef9caf9b24374c77d9303ee1127422bfedbe23fab1cf2cec0a268e527cba8a65e99b2cf546117989a794940bfda9d83b9578ab07d3a43cd0949dff

  • SSDEEP

    1536:Oo6aG72CL0j8y8cadDCx9oZPbauhwFUgbue7v/uvNyAsdl/ketx5RELG6WAaoigt:OdxSCL0SueqJ3/ulyddDNWx9

Malware Config

Extracted

Family

redline

Botnet

@CyberPhish_mod

C2

45.14.49.109:54819
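The extracted config above gives two concrete things a responder can act on: the C2 endpoint (45.14.49.109 on TCP 54819) and the file hashes in the General section. The following is an added example, not code from the sandbox report or from any RedLine analysis tooling: it scans constructed Sysmon Event ID 3 style connection records (invented telemetry, not from the report) for that endpoint, distinguishing an exact host:port hit from a weaker host-only hit, and checks a file's digests against the reported MD5/SHA1/SHA256/SHA512. Function names (`parse_line`, `classify`, `scan_log`, `hash_digests`, `matches_report`) and the log line format are assumptions made for the example; SSDEEP is left out because it needs a third-party library.

```python
import hashlib
import re

# Indicators copied from the report above.
C2_HOST = "45.14.49.109"
C2_PORT = 54819
REPORTED_HASHES = {
    "md5": "553b4d54bdbce6e4b4396e0f0baaa60f",
    "sha1": "9ec803e209fee135233e6bc8e720fd9bdd67803a",
    "sha256": "97d79d7781e8431e76d4e8c7e0bd67dcf759c350799108ec8030ebb1291e8a4b",
    "sha512": "91405022c9ef9caf9b24374c77d9303ee1127422bfedbe23fab1cf2cec0a268e"
              "527cba8a65e99b2cf546117989a794940bfda9d83b9578ab07d3a43cd0949dff",
}

# Constructed Sysmon Event ID 3 style records (invented for this example, not real telemetry).
SAMPLE_LOG = """\
2024-01-12T10:02:11Z host=WS01 image=C:\\Users\\a\\AppData\\Local\\Temp\\setup.exe dst=45.14.49.109 dport=54819 proto=tcp
2024-01-12T10:02:12Z host=WS01 image=C:\\Windows\\System32\\svchost.exe dst=13.107.4.50 dport=443 proto=tcp
2024-01-12T10:03:40Z host=WS02 image=C:\\Program Files\\Mozilla Firefox\\firefox.exe dst=45.14.49.109 dport=443 proto=tcp
2024-01-12T10:05:02Z host=WS03 host_ignored
2024-01-12T10:05:02Z host=WS03 image=C:\\Users\\b\\Downloads\\update.exe dst=45.14.49.109 dport=54819 proto=tcp
"""

# image= may contain spaces, so it is matched non-greedily up to the next " dst=" field.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) image=(?P<image>.+?) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+) proto=(?P<proto>\S+)$"
)


def parse_line(line):
    """Parse one constructed connection record; return None for lines that do not fit."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["dport"] = int(rec["dport"])
    return rec


def classify(rec):
    """c2_match: exact host:port from the config. host_only: same host, other port
    (worth a look, since the operator's box may serve more than one panel/port). clean otherwise."""
    if rec["dst"] != C2_HOST:
        return "clean"
    return "c2_match" if rec["dport"] == C2_PORT else "host_only"


def scan_log(text):
    """Return every parsed record that is not clean, with its verdict attached."""
    hits = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line: skipped, not silently treated as clean
        verdict = classify(rec)
        if verdict != "clean":
            hits.append({**rec, "verdict": verdict})
    return hits


def hash_digests(data):
    """Hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def matches_report(data):
    """Per-algorithm comparison against the reported hashes. Rely on sha256/sha512 for a
    positive identification; md5 alone is collision-prone and should not be the sole basis."""
    digests = hash_digests(data)
    return {name: digests[name] == REPORTED_HASHES[name] for name in REPORTED_HASHES}


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["verdict"]:10} {hit["ts"]} {hit["host"]} {hit["image"]} -> {hit["dst"]}:{hit["dport"]}')
    print(matches_report(b"not the sample"))
```

When run against real Sysmon or proxy telemetry, the host-only verdict is deliberately kept separate from the exact match so it can be triaged rather than auto-blocked; the port in a RedLine config can change between builds while the infrastructure stays the same.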

Targets

    • Target

      553b4d54bdbce6e4b4396e0f0baaa60f

    • Size

      100KB

    • MD5

      553b4d54bdbce6e4b4396e0f0baaa60f

    • SHA1

      9ec803e209fee135233e6bc8e720fd9bdd67803a

    • SHA256

      97d79d7781e8431e76d4e8c7e0bd67dcf759c350799108ec8030ebb1291e8a4b

    • SHA512

      91405022c9ef9caf9b24374c77d9303ee1127422bfedbe23fab1cf2cec0a268e527cba8a65e99b2cf546117989a794940bfda9d83b9578ab07d3a43cd0949dff

    • SSDEEP

      1536:Oo6aG72CL0j8y8cadDCx9oZPbauhwFUgbue7v/uvNyAsdl/ketx5RELG6WAaoigt:OdxSCL0SueqJ3/ulyddDNWx9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
