General

  • Target

    926b4267dd91ea50e051a99e0bb10db0N

  • Size

    92KB

  • Sample

    240825-z4gc5axbkj

  • MD5

    926b4267dd91ea50e051a99e0bb10db0

  • SHA1

    97cac9572d9d9ef585ddca860207ee894e5f269b

  • SHA256

    68cff9ab6db51d4be80415a1410496206ff8f9865d01282fb64f133049e4bba7

  • SHA512

    c388f06d173830610449a7b560fed5c5338a814e8951c9bd31d9d2d09d24a65bcfe7d32c7c54c48cea8a5424b00eb7d30c9c0e764cc6d8a30b91a66ac6904196

  • SSDEEP

    1536:ysAbQDR0ObCqu8SttRMsle6y9DCIhxNb4AZTGqn3Evy6Jd6dOStx95EzJn:y/bFObPJWusifxdfzn3QyedUOJz5

Malware Config

Extracted

Family

redline

Botnet

@kohanidzeee

C2

ierinapu.xyz:80

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
