General

  • Target

    0db4d6b7aaa1b6db55b771e883a030dda77a839c93346fb30080b7ee35e444f2

  • Size

    402KB

  • Sample

    241110-3j7alawrfw

  • MD5

    b5f683690fa96b6fdc70a66484eda187

  • SHA1

    72401ebe868435cb1985dd061a654729b63f3a5d

  • SHA256

    0db4d6b7aaa1b6db55b771e883a030dda77a839c93346fb30080b7ee35e444f2

  • SHA512

    801b2bbe2998db502f0c848921469d95650206efa4c6a7e0a82fa3b6ae20d66d72a5f6b2f3995d98f1490724af1adf7726023510d0fc5a2de36d60cb08961450

  • SSDEEP

    12288:LhdPpoPcY8Fpuiuj0U/Frbr7zjKhG7B9:LryPgUFNF3X3KhyB

Malware Config

Extracted

  • Family

    redline

  • Botnet

    UTS

  • C2

    45.9.20.20:13441

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks