redline | c2435d3a716491173446a2eaf9d92a14527dff1ea5821dcab71da2e071de7195 | Triage

Submit
Reports

Overview

overview

Static

static

150f252acb...36.exe

windows7-x64

150f252acb...36.exe

windows10-2004-x64

Sharing

General

Target

150f252acbf6e3795b70eb57c543955f491be2371791635069df6dc950a2ad36.zip
Size

43KB
Sample

230329-m1mphsfh98
MD5

64205fba1891428ecf83c3b405913918
SHA1

d3b722d3d7adf663011949998548fe120b103ae4
SHA256

c2435d3a716491173446a2eaf9d92a14527dff1ea5821dcab71da2e071de7195
SHA512

f46a8557a659c46bda621a1f8df78bdde0f78d0a95211712f90707f311390aea0c6c3f2a0e16ea80af04541be8781da0a62b152e536bdb59e87e281b8e03ce28
SSDEEP

768:9KGssH1ogAvqNCSXyi9lA7ff5+4ThPaez/rM8XdLyJyt3buM3ddDaXtxKl/NTFf1:9KGPGgAvqUSi8ATf5zlPVjRcgp3ddOjO

Score

10^/10

redline sectoprat cheat infostealer rat trojan

Static task

static1

cheat redline sectoprat

4 signatures

Behavioral task

behavioral1

Sample

150f252acbf6e3795b70eb57c543955f491be2371791635069df6dc950a2ad36.exe

Resource

win7-20230220-en

redline sectoprat cheat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

150f252acbf6e3795b70eb57c543955f491be2371791635069df6dc950a2ad36.exe

Resource

win10v2004-20230220-en

redline sectoprat cheat infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

10.0.0.4:5333

Targets

- Target
  
  150f252acbf6e3795b70eb57c543955f491be2371791635069df6dc950a2ad36
- Size
  
  95KB
- MD5
  
  5f6add9b084da99ae9675ea57d42e981
- SHA1
  
  ebfabce974fb9e72d0607d433f348923e145774c
- SHA256
  
  150f252acbf6e3795b70eb57c543955f491be2371791635069df6dc950a2ad36
- SHA512
  
  64fbc89874f00774ba19a0b6d5cd411a3c6bbe094fea1efaa5b54400a6d0f74ff72cc9715da6070365c9d6ae4794b456dfacec92bdbaf80a577f769392e90536
- SSDEEP
  
  1536:JqsMqq+zlbG6jejoigIT43Ywzi0Zb78ivombfexv0ujXyyed2d3teulgS6pt:n3pZYT+zi0ZbYe1g0ujyzd9t
Score

10^/10

redline sectoprat cheat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatinfostealerrattrojan

behavioral2

redlinesectopratcheatinfostealerrattrojan

© 2018-2024

Terms | Privacy