General

  • Target

    b215150d57d2f1b9d816c91df2f0e1bc8458242fbacd09f80d32a55850a77d23

  • Size

    22.8MB

  • Sample

    240827-dbgmja1cnp

  • MD5

    ab95ae7289756d16cd714ea72a72a9a1

  • SHA1

    5dffdf0af3945678771b24074f55b21789267d1c

  • SHA256

    b215150d57d2f1b9d816c91df2f0e1bc8458242fbacd09f80d32a55850a77d23

  • SHA512

    7cbb01a48f588d9f07bd348b6f53463def3f8aaf274a629a656e2c5b403cd33cb1738e1a8cf94b0e98cb8f12502de83133c1e87023ce47ae5bcada8bbd7445e2

  • SSDEEP

    393216:Na9qfaINI+B9bvvY3XH8ipp3U7cD6YB4Euc6pn0gsctwDh5HS/5zkUPAOm:vfagI+HvExH3V6YB4e6Bac2Dh5yBQoAf

Targets

    • Target

      b44afe5ca4e685f81dc94024fd968ae60167bbb033d07cc91171ee155e5fe5b0.exe

    • Size

      70.1MB

    • MD5

      60939d210e725112bb16875a41782e03

    • SHA1

      3a5214649ad0c1ca2fa36f0f6522c95d9bd60f09

    • SHA256

      b44afe5ca4e685f81dc94024fd968ae60167bbb033d07cc91171ee155e5fe5b0

    • SHA512

      282fd844e9f9866ad02101b0e50097019e9262cadf4f51b36d4b9243ec1807c247519226713a53c2bd5c501ce7945be1923c1234dde060bd42e52681b65df620

    • SSDEEP

      393216:lWxQN89qQk4adiJCuE2fUCdod+OvqKkZHzXhJ/KTe8uiBUtkc0k3qrsGg4GUo3Np:lWoI7zGh5ahWc3ImH

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Executes dropped EXE
