General

  • Target: 148591619c37d54e137e6bfd82a68d4c4053b8b57f6b986e4497a58c8d74df71
  • Size: 239KB
  • Sample: 241110-qd5hlazqhm
  • MD5: 6607bd070e7ec6328410bb6d00a22244
  • SHA1: 4fef1b769f7fcf805c0ac32d6313d0e50c6254d1
  • SHA256: 148591619c37d54e137e6bfd82a68d4c4053b8b57f6b986e4497a58c8d74df71
  • SHA512: 9cea6b43cf6530df248753bbd993cab5c7581635ab058695433137970785cca1b372fffb5ea708ea6e2fe1e2754b7430b10294145c33b93a711fd473bcf316b2
  • SSDEEP: 6144:ehesTBULc/rbsUW3an0jfO1BIwkwSDOO:6P/W3Q1+wSD

Malware Config

Extracted

  • Family: redline
  • Botnet: PUB
  • C2: 45.9.20.20:13441

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family
