General

  • Target

    5b0e056cc4170183afafb9bd8c2e7764

  • Size

    276KB

  • Sample

    240114-mz8wcsggen

  • MD5

    5b0e056cc4170183afafb9bd8c2e7764

  • SHA1

    6e6ff3f39fda1d6505c1831cc846b7dcbf405efa

  • SHA256

    27caeabbbc3f50ddde02957ab8b5e196077f534e522c7be75b32fc369d2ac282

  • SHA512

    d8414917356d269354ebbf6e7b4ea7537f033f399da5952a03116f5d5e6523cf0061d1ef871552a63caf7705c0eb4ae60c4b779dbdece024658ac32aa5c09cab

  • SSDEEP

    6144:BSRHG1dtQdoDRvTr9O/5sHfKzmPtZBW1HwhZU9sI5/:BSg1dthRnARq1Kec

Malware Config

  • Extracted

    Family: redline

    C2: 185.215.113.29:8678

Targets

    • Target

      5b0e056cc4170183afafb9bd8c2e7764

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks