General

  • Target

    41db174a1dab0a3daf8076d64ea73d74abc2e3b66d6423d638677ac23877f5af

  • Size

    320KB

  • Sample

    241111-ecjc7a1pb1

  • MD5

    ed87943df543df9f17a1ca85550ff66f

  • SHA1

    6fa40dbbc1175d701891b49d0f68268fd6549cb1

  • SHA256

    41db174a1dab0a3daf8076d64ea73d74abc2e3b66d6423d638677ac23877f5af

  • SHA512

    4e6b707c64e451573075ca4d0f0e9c87a1b71ed7facfd1df2961f19fad9d2ce104346178647bed0ebcf4d748a0fcf485d9dcc5ccccbd4240c3e63a760be87311

  • SSDEEP

    6144:9m8LCq4I8ELnKH4rM1EI/2HW37zNOWz5JH0GVApdlP:fL+IZ0MM1E1WAdlP

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.29:18087

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks