General

  • Target

    9cd90d6193c7b31a6735875bd10ae9971146e487fd1430539b9de76ef8743ec1

  • Size

    248KB

  • Sample

    241110-hrkrca1new

  • MD5

    77165f24b5a6d2e5b2d34490b321f622

  • SHA1

    c38d8fec501fd5fb79ea27d283531c38bb7cef3b

  • SHA256

    9cd90d6193c7b31a6735875bd10ae9971146e487fd1430539b9de76ef8743ec1

  • SHA512

    e072fc41bfa94790f7e17233ac830e07bc0cf2dafbde610f911664d348b505a197f0c15de76a98cd7ef8b3f1a8a8cb3f8f280fff2d495077111ef7ac3c5c9c51

  • SSDEEP

    6144:6nlbN6YGACCpv75kYAPVJFATBNexTlAUwl53EE:ylbUjbCpFN+VMtgyH3F

Malware Config

Extracted

Family

redline

C2

185.215.113.29:8678

Targets

    • Target

      9cd90d6193c7b31a6735875bd10ae9971146e487fd1430539b9de76ef8743ec1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family
