General

  • Target

    5b2efc41e60b436ff9bce0ae4f8fd30a

  • Size

    100KB

  • Sample

    240114-n5p6waaea9

  • MD5

    5b2efc41e60b436ff9bce0ae4f8fd30a

  • SHA1

    611ddf0b6cb01edd77969925d242c7d0685e9750

  • SHA256

    5179b913e59a263bae49cb3ddd5fe79269a2796537fe675767264dd30ffa0a38

  • SHA512

    f11221368d0fb5119638de6460a65446c2e333336115b78d11c3824ff524ed02a81bf47591606bcc47e141754d0887fcc11fb1e9cb640df3fbbda803f4efa9e3

  • SSDEEP

    1536:RTo6aGLKC7i2RHZVeb5N9HSBoh5TAauswsgbue7vduvNyAsdBdetx5RE7G6WAaof:ddxGCD3MbZHtZDi3dulyddONWh9

Malware Config

Extracted

  • Family

    redline

  • Botnet

    mongol

  • C2

    softwarebeast.live:80

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
