poullight | 65a2750dad8a55c376c995915dd75f6456b4aa6464d720d09726683f73ce800c | Triage

Submit
Reports

Overview

overview

Static

static

.NET.zip

windows7-x64

1

.NET.zip

windows10-1703-x64

7

.NET.zip

windows10-2004-x64

1

Resubmissions

11-11-2023 14:21

231111-rpa9kagf3y 10

Sharing

General

Target

.NET.zip
Size

7.1MB
Sample

231111-rpa9kagf3y
MD5

c8fc145dcca77a5a139dbbb146d5e190
SHA1

20d8c82f50d28c11c4ca0b54157902f1f95f8940
SHA256

65a2750dad8a55c376c995915dd75f6456b4aa6464d720d09726683f73ce800c
SHA512

72f236c04bbe5e7a0c410bdfb388db20dd577d159f50fc3fe7e45be46d47bdf521e2bf42ef9209d66c55806668b350d2d625f5fa1f2925add545d66742cc8940
SSDEEP

196608:Pu9jyp8BUGsqtC97PGhVbZwc7ChFKuqdIG9ZByzDGDhumZ:2yWqGfUPeV+cGhouqd99z6DGDhumZ

Score

10^/10

poullight redline sectoprat uts

Static task

static1

uts poullight redline sectoprat

7 signatures

Behavioral task

behavioral1

Sample

.NET.zip

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

.NET.zip

Resource

win10-20231020-en

windows10-1703-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

.NET.zip

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.20:13441

Targets

- Target
  
  .NET.zip
- Size
  
  7.1MB
- MD5
  
  c8fc145dcca77a5a139dbbb146d5e190
- SHA1
  
  20d8c82f50d28c11c4ca0b54157902f1f95f8940
- SHA256
  
  65a2750dad8a55c376c995915dd75f6456b4aa6464d720d09726683f73ce800c
- SHA512
  
  72f236c04bbe5e7a0c410bdfb388db20dd577d159f50fc3fe7e45be46d47bdf521e2bf42ef9209d66c55806668b350d2d625f5fa1f2925add545d66742cc8940
- SSDEEP
  
  196608:Pu9jyp8BUGsqtC97PGhVbZwc7ChFKuqdIG9ZByzDGDhumZ:2yWqGfUPeV+cGhouqd99z6DGDhumZ
Score

7^/10
- Executes dropped EXE
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

utspoullightredlinesectoprat

behavioral1

behavioral2

behavioral3

© 2018-2024

Terms | Privacy