General

  • Target

    5b0285500c82361ae169e28a9c3c235f

  • Size

    98KB

  • Sample

    240114-mlny2ahdf4

  • MD5

    5b0285500c82361ae169e28a9c3c235f

  • SHA1

    070959afb1fee596ecdebd3ed1e2bdf98da06d58

  • SHA256

    bc8d88ca40f99941862ee5e2948de359f59de068c02e11a5e50f8e0c6a096899

  • SHA512

    70aad2f873a1130f725daa9daa5e8642aa26bab459482284620d53aaa85bb7410fd1010ccfad7385448ca12fc92839a1ea1368b7ad7d42cf5460fed5018b630b

  • SSDEEP

    1536:63LNmocesy9s0ocrIHwDJFosQmbfeWvyuvUyyedQF32qCxXsEqG6ijoig+:6xmocVWJDJ59zyucyzdaSnd

Malware Config

Extracted

Family

redline

Botnet

red

C2

87.120.37.152:5605

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
