Overview

overview

10

Static

static

3

231cc17cfd...36.exe

windows7-x64

10

231cc17cfd...36.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    231cc17cfdce0fd269477dc614534a36

  • Size

    357KB

  • Sample

    231219-pqbklseca6

  • MD5

    231cc17cfdce0fd269477dc614534a36

  • SHA1

    8d1f7cfc4b55e48f4037da785e2f2031f181bd16

  • SHA256

    99c8ad18a15141313fcd757f2e14fb1e9eb803be5dd5d634f052393c15741238

  • SHA512

    93a3d316389979d04e13e5f9580f46247955fc008f580c39976347bc5ca26641081da6c52e9e5c6bdec585d19436b93c42b8806485ab5af314bd23e80b582379

  • SSDEEP

    6144:wfQnBph/JPsKHZ72xPK6ybwSH3jXCnLLwhqKr/sqicc3SYEDGs8gPY/5GBEj507O:o2jdJPsKHZ72xvybwSHzyQJ/sqEC1DG/

Score
10/10
redlinesectopratpaladininfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

paladin

C2

178.63.26.132:29795

Targets

    • Target

      231cc17cfdce0fd269477dc614534a36

    • Size

      357KB

    • MD5

      231cc17cfdce0fd269477dc614534a36

    • SHA1

      8d1f7cfc4b55e48f4037da785e2f2031f181bd16

    • SHA256

      99c8ad18a15141313fcd757f2e14fb1e9eb803be5dd5d634f052393c15741238

    • SHA512

      93a3d316389979d04e13e5f9580f46247955fc008f580c39976347bc5ca26641081da6c52e9e5c6bdec585d19436b93c42b8806485ab5af314bd23e80b582379

    • SSDEEP

      6144:wfQnBph/JPsKHZ72xPK6ybwSH3jXCnLLwhqKr/sqicc3SYEDGs8gPY/5GBEj507O:o2jdJPsKHZ72xvybwSHzyQJ/sqEC1DG/

    Score
    10/10
    redlinesectopratpaladininfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks