Overview

overview

10

Static

static

10

build.exe

windows7-x64

10

build.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build.exe

  • Size

    95KB

  • Sample

    230406-slctnade87

  • MD5

    7a2e4926d4ee24b12e251b8f6e912515

  • SHA1

    18483e52dc1e0ddc2f47da45cd60d13a54b0a2f5

  • SHA256

    c14e2531ebba66f86f620cd950ee9a9b531a22769fe0379e87398dcc09e223a5

  • SHA512

    c2028f6c6aeaf3218cb2e81df0ebd618c4623adf1df9a0b3805a400c7b33e42cee1763eeaeedf5e42f5532bab27d73e54abaf0aa6d84a76939d6aad0a584e813

  • SSDEEP

    1536:1qswlqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2h3teulgS6pg:zgReY/+zi0ZbYe1g0ujyzd5g

Score
10/10
redlinesectopratcheatinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

127.0.0.1:46613

Targets

    • Target

      build.exe

    • Size

      95KB

    • MD5

      7a2e4926d4ee24b12e251b8f6e912515

    • SHA1

      18483e52dc1e0ddc2f47da45cd60d13a54b0a2f5

    • SHA256

      c14e2531ebba66f86f620cd950ee9a9b531a22769fe0379e87398dcc09e223a5

    • SHA512

      c2028f6c6aeaf3218cb2e81df0ebd618c4623adf1df9a0b3805a400c7b33e42cee1763eeaeedf5e42f5532bab27d73e54abaf0aa6d84a76939d6aad0a584e813

    • SSDEEP

      1536:1qswlqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2h3teulgS6pg:zgReY/+zi0ZbYe1g0ujyzd5g

    Score
    10/10
    redlinesectopratcheatinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks