General

  • Target

    59fb7442592a9c032fbabad5a797fbde

  • Size

    96KB

  • Sample

    240114-cedvdabad8

  • MD5

    59fb7442592a9c032fbabad5a797fbde

  • SHA1

    c9477fc460b0b44c63c2a5f83a178c398b6a36fd

  • SHA256

    d34e796266410aff6fcad07b74545d3121bfc595cadef5370c01153b4dbf0047

  • SHA512

    5138015101bf38e436d9e1dc5c65f13e7a9b777b3849cbadfd8462b384a89cdf2e01a3b027545a3b1bbc1136c8814f4d8c54fdaf3fae3004966707b5ffc75500

  • SSDEEP

    1536:XHB+zRmEOBCoUi6HW+iGXgktM20VbN8FAh8xx+Ombf9Bo3HHTPyHddoh30txbIjf:XwzRmEVoUxW+iGXNtM2EuA8x+b1UHHbL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @bbakoch

  • C2

    185.186.142.55:10425

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks