General

  • Target

    5591fc3cd5460cc2ccf7da0f3bd11f19

  • Size

    338KB

  • Sample

    240112-fr9z5afafp

  • MD5

    5591fc3cd5460cc2ccf7da0f3bd11f19

  • SHA1

    842b8125536d9e217e9809498a4395a249709840

  • SHA256

    1d89a940dccccb58ce59943e5fab66203118f104511f4a30a777a4bb6288a531

  • SHA512

    f060bb94f281d9bc0e4a13e918d9a16b86104415dad40e22ea6697e96e7092a9ef8711b1b488568c8bf52110faf00c11a2130fb5d4a173c91779f2bb640dd734

  • SSDEEP

    6144:dhFJEnr0VFQzb5GgUD3pa5Q2sjKVAmNyjV0gf1CiS/xScdx6v/65x9:RJEEFQzbhUD5aSdjHmNy5d1CiSxdxuy5

Malware Config

Extracted

  • Family

    redline

  • C2

    185.215.113.29:8678

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
