General

  • Target

    96064a86cf44809e72a077e684240c4059abb92eca38e145eee2f6adb381351f

  • Size

    312KB

  • Sample

    241110-hpc9gsscjg

  • MD5

    ed91b36e50fe6d7cded26cc4a8f5b2df

  • SHA1

    dcebe8723d586701a0442dc18d4436deb32d502c

  • SHA256

    96064a86cf44809e72a077e684240c4059abb92eca38e145eee2f6adb381351f

  • SHA512

    e1fd44871fbd3f7e7f0a20c8b0bbd691daf24ce179c1b94f5a76c9944ca23d2d2c12a492fd3407bdc86e83cf245f6a4e1e8bdd75e71795259c5af362535894ec

  • SSDEEP

    6144:1JZQJXGkeWLd1omA3aoy0YoSmLygJ/u1B47M4Rt:PZDWLd1oWoy/6hJ/CBaD

Malware Config

Extracted

  • Family

    redline

  • Botnet

    SewPalpadin

  • C2

    185.215.113.29:18087
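The extracted config above gives two kinds of indicator a defender can pivot on: the C2 socket (185.215.113.29:18087) for network telemetry, and the file hashes for host and repository scans. The following is an added example, not part of the sandbox report or of any tool it references. It parses a constructed proxy-style log (the line format, the timestamps, the internal hosts and the function names are all assumptions for illustration) and flags connections to the RedLine C2, and it hashes arbitrary bytes or files and compares them with the report's MD5/SHA1/SHA256/SHA512 values. The host_only switch widens the network match to any port on the C2 address, which is useful for triage but should be reviewed rather than alerted on blindly, since only the exact host:port pair is confirmed by the config.

```python
"""Added example: hunt for the RedLine indicators listed in this report.

Not part of the original report. Log format, hosts and timestamps below
are constructed for illustration; only the IOC values come from the page.
"""
import hashlib
import re
from pathlib import Path

# Indicators taken from the extracted config and hash list on this page.
C2_HOST = "185.215.113.29"
C2_PORT = 18087
SAMPLE_HASHES = {
    "md5": "ed91b36e50fe6d7cded26cc4a8f5b2df",
    "sha1": "dcebe8723d586701a0442dc18d4436deb32d502c",
    "sha256": "96064a86cf44809e72a077e684240c4059abb92eca38e145eee2f6adb381351f",
    "sha512": (
        "e1fd44871fbd3f7e7f0a20c8b0bbd691daf24ce179c1b94f5a76c9944ca23d2d"
        "2c12a492fd3407bdc86e83cf245f6a4e1e8bdd75e71795259c5af362535894ec"
    ),
}

# Constructed log lines in a hypothetical "ts src:port -> dst:port proto" format.
SAMPLE_LOG = """\
2024-11-10T14:02:11Z 10.0.0.17:51233 -> 185.215.113.29:18087 tcp
2024-11-10T14:02:12Z 10.0.0.17:51234 -> 142.250.74.46:443 tcp
2024-11-10T14:03:40Z 10.0.0.22:49822 -> 185.215.113.29:443 tcp
2024-11-10T14:05:01Z 10.0.0.17:51301 -> 185.215.113.29:18087 tcp
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"] = int(rec["sport"])
    rec["dport"] = int(rec["dport"])
    return rec


def find_c2_hits(log_text, host=C2_HOST, port=C2_PORT, host_only=False):
    """Return records that reached the C2.

    Default: exact host AND port from the extracted config (high confidence).
    host_only=True: any port on the C2 address (broader, review manually).
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["dst"] != host:
            continue
        if host_only or rec["dport"] == port:
            hits.append(rec)
    return hits


def hash_bytes(data):
    """Compute the same digests the report lists, keyed by algorithm name."""
    return {
        algo: hashlib.new(algo, data).hexdigest()
        for algo in ("md5", "sha1", "sha256", "sha512")
    }


def hash_file(path):
    return hash_bytes(Path(path).read_bytes())


def match_hashes(hashes):
    """Return the set of algorithms whose digest equals the reported sample."""
    return {
        algo for algo, digest in hashes.items()
        if SAMPLE_HASHES.get(algo) == digest.lower()
    }


if __name__ == "__main__":
    for rec in find_c2_hits(SAMPLE_LOG):
        print("C2 hit:", rec["ts"], rec["src"], "->", rec["dst"], rec["dport"])
    print("host-only hits:", len(find_c2_hits(SAMPLE_LOG, host_only=True)))
    print("constructed blob matches sample:", match_hashes(hash_bytes(b"not the sample")))
```

The exact-socket check yields two hits from 10.0.0.17, while host_only also picks up the 10.0.0.22 connection on port 443; match_hashes returns every algorithm that agrees, so a partial match (for example MD5 only) would itself be worth investigating as a possible collision or transcription error.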

Targets

    • Target

      96064a86cf44809e72a077e684240c4059abb92eca38e145eee2f6adb381351f

    • Size

      312KB

    • MD5

      ed91b36e50fe6d7cded26cc4a8f5b2df

    • SHA1

      dcebe8723d586701a0442dc18d4436deb32d502c

    • SHA256

      96064a86cf44809e72a077e684240c4059abb92eca38e145eee2f6adb381351f

    • SHA512

      e1fd44871fbd3f7e7f0a20c8b0bbd691daf24ce179c1b94f5a76c9944ca23d2d2c12a492fd3407bdc86e83cf245f6a4e1e8bdd75e71795259c5af362535894ec

    • SSDEEP

      6144:1JZQJXGkeWLd1omA3aoy0YoSmLygJ/u1B47M4Rt:PZDWLd1oWoy/6hJ/CBaD

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks