General

  • Target: 5a3eb93564a49e7b6a645d74ee19ef58
  • Size: 263KB
  • Sample: 240114-esd4eabghr
  • MD5: 5a3eb93564a49e7b6a645d74ee19ef58
  • SHA1: 2bd82700c4a85bea93c990e892316364ace5e03d
  • SHA256: 13c723d1548b43f711358b1dca9115c3bdd7932727e9927317d03dc5b5e925f2
  • SHA512: 7632d20e67a4fcf05976f7747310837bd11f836011e5bdcc5cb7db2b9e38c403d3a2446f4e696d2850f20ddbcaaed191988b0e228cd5f959fc21b1aa26da3e63
  • SSDEEP: 6144:9LIvLHiAxcXClwupeamgBGcOWemETBnHCLZRdtK:9UvLHiAgClpe5uGcOkgoLZRdw

Malware Config

Extracted

  • Family: redline
  • C2: 185.215.113.29:8889

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
    • SectopRAT payload
