General

  • Target

    b5b5e4d334f20563aa81779854732b80N

  • Size

    94KB

  • Sample

    240826-nfgs7sscrp

  • MD5

    b5b5e4d334f20563aa81779854732b80

  • SHA1

    30feb51290b4747be8a22e9fb76ba4b5c7ee5c44

  • SHA256

    fa119e20f7a34c350efdac0d25c2e562953ac68c3032fcd57e135ea2b81026c4

  • SHA512

    5311c2aab79a65a2bdbbd7025e7445efc4609b13eddb0e3cf29b94c875a8000bb5cef0baf05b8cce7337d9a1934fa1f90f69212fc1bdb249bdf879efc00bb3f9

  • SSDEEP

    1536:NZwHwtGZ2d5sz9q2qOQXSbnARHfqQxjAyOGd3VxKyEPJm4fwo:NZjleDQXm8yQxkypd3elPU4F

Malware Config

Extracted

Family

redline

Botnet

?

C2

80.92.205.137:59338

Targets

    • Target

      b5b5e4d334f20563aa81779854732b80N

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
