General

  • Target

    af92d8b9354a0252b62b6635c221d99e1e87ed34df5f505b55e07a6dd79f2642.zip

  • Size

    43KB

  • Sample

    230328-ktsk3saa26

  • MD5

    257f46e6b7f500dffaa914f4936cf916

  • SHA1

    85640da2d72f9d3ccb3b5d605cb234b51205317b

  • SHA256

    8aac9aa0952e39d3d8ecc58c240d186b85f4d5c1750790b75832f30cd73966ec

  • SHA512

    31834936088185a4f920887ccab15a5618accde94eaf99d06a7037d34470d5e814dd6a13d227f1de1b7caa6920736f554577956ec1e786d9958e0edc6edd4bf8

  • SSDEEP

    768:bSYu+f+aWGuS0FrCsZyEh5fnub3Vbwj2U5zc5IEWvg6iCqZU1YM6KnHI4pNZEmKJ:bS3+f+aWpSmrC5PDyjNc5IEThmRZOn

Malware Config

Extracted

  • Family

    redline

  • Botnet

    cheat

  • C2

    86.107.103.208:8160

Targets

    • Target

      af92d8b9354a0252b62b6635c221d99e1e87ed34df5f505b55e07a6dd79f2642

    • Size

      95KB

    • MD5

      807376de25b6e06155bae45331e6a1b4

    • SHA1

      b641ccec64038744b8967c29a4a525da3aaa980a

    • SHA256

      af92d8b9354a0252b62b6635c221d99e1e87ed34df5f505b55e07a6dd79f2642

    • SHA512

      e6799cddaf6f54b1793069340dbe73515348a2f05f1ff2595029b595e1ced3a2e7733d029dc8b2e4ac2834cb42f2939992a79dd54a11e70c6ec4e2ad19179568

    • SSDEEP

      1536:9qsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2F3teulgS6pY:rAMOY3+zi0ZbYe1g0ujyzdlY

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks