General

  • Target

    5755009e6a34f037e90a17ccd059cc44

  • Size

    338KB

  • Sample

    240112-ycjthaecaj

  • MD5

    5755009e6a34f037e90a17ccd059cc44

  • SHA1

    164bca1a97fd346352aeb645922fd9a3e8f7a1ab

  • SHA256

    f1ae795f186c015b05fd1572f41fb43b0cd267bf135d98a3e12d2dc8c7b90e3e

  • SHA512

    360e64220bc9316bdf087e1a1e5b1cb55e6e2713f78f029995c3ba72cee91b12d37bdcd8f5cc597bcecc5d24a0cd1238049cf23d67a1c520620bdab0d7d06cfe

  • SSDEEP

    6144:p/MJTKpzkWBJ9vmS0fiZEK80OG51pUV8kBmJEs96WdA3rRVNwX/iu:k+JkEzOSpZEx0Jf6pBmJEs9uw6u

Malware Config

Extracted

  • Family

    redline

  • Botnet

    test

  • C2

    193.56.146.78:51487

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
