General

  • Target

    48012589cc0d486bee8cab81212d7030N

  • Size

    92KB

  • Sample

    240826-pchrrsthpn

  • MD5

    48012589cc0d486bee8cab81212d7030

  • SHA1

    e385433b1618f22b12ed284340f9a2a12f810ba4

  • SHA256

    a1b9c322b2f53dda2f1ed6d82d72df615f75947f92348924f024a3e4820d3a7c

  • SHA512

    7d665d7de2a0aeffb4d2eb6e0ff8f1c171bb4d65f835d8aab2d9a2f9d14445f5e63c166eab21f733a0e8656bc1c9e959162a9a112549ac212da5ec50898ea5d9

  • SSDEEP

    1536:dIAnQDR0uomlTq2XStzbOx+3oasy9lCJ1Nb4AZTGqH3E0y6JdirOStx95EoJB:dznFuomluew6x+101dfzH3tyedKOJoP

Malware Config

Extracted

  • Family

    redline

  • Botnet

    raudd

  • C2

    45.87.1.90:64918

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
