General

  • Target

    728c42fe9290d035fe83b7c32d76f760N

  • Size

    92KB

  • Sample

    240826-jb265atenj

  • MD5

    728c42fe9290d035fe83b7c32d76f760

  • SHA1

    8122c6fce74e7c17b71b9dce44ddf4a4f6f90f5f

  • SHA256

    487b1f74be2d6f0b1b51f47150bd036f8d4f4ea0ba295a97663944ede194d7e0

  • SHA512

    988579e50501676b0a44f8e292a318f8341d452a9bfaa68b2379c43ef6e0b0579f7cc17e86e8373db4e1288d9da3a6938350d0b2ca54cce2291dabb384566b0f

  • SSDEEP

    1536:RGAPQDR0uFfqOmStLiXVS15SXy9G9eFNb4AZTGqXqEvy6Jd/oOStx95E8J3:R1PFuFSXoi01coFdfzXqQyedQOJ8p

Malware Config

Extracted

Family

redline

Botnet

@sad666666sad6666

C2

51.254.187.177:2785

Targets

    • Target

      728c42fe9290d035fe83b7c32d76f760N

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
