General

  • Target

    50a5b25b9b1af83e3f87f59797a87ebc

  • Size

    328KB

  • Sample

    231219-s1e8bsegel

  • MD5

    50a5b25b9b1af83e3f87f59797a87ebc

  • SHA1

    ba06296b70546c363e8731ffffe8d5cc18a798e3

  • SHA256

    6ce9eb376c25a3a9e6a362be2870ef772e38134d60a400f8349052fcc5c96c2a

  • SHA512

    801f05b030f5ba52f796473c16ad77a64a16db97475c8ca536d93a4afd41df7c28a748abaf4922cee7d559e2a9b20e948c1308329e1272d5ec44260c3ad89e61

  • SSDEEP

    6144:7oojJvgNiCpj8ZLOtFH7h5WRhfJZ7XA66ybDIhaeFuRsftqFFOw:7F94NiCpjGs35WRljLA66AFniw

Malware Config

Extracted

  • Family

    redline

  • Botnet

    build

  • C2

    185.244.182.136:51832

  • Attributes

    auth_value: 275ce2c87153d4e8e3cc276c686a93de

Targets

    • Target

      50a5b25b9b1af83e3f87f59797a87ebc

    • Size

      328KB

    • MD5

      50a5b25b9b1af83e3f87f59797a87ebc

    • SHA1

      ba06296b70546c363e8731ffffe8d5cc18a798e3

    • SHA256

      6ce9eb376c25a3a9e6a362be2870ef772e38134d60a400f8349052fcc5c96c2a

    • SHA512

      801f05b030f5ba52f796473c16ad77a64a16db97475c8ca536d93a4afd41df7c28a748abaf4922cee7d559e2a9b20e948c1308329e1272d5ec44260c3ad89e61

    • SSDEEP

      6144:7oojJvgNiCpj8ZLOtFH7h5WRhfJZ7XA66ybDIhaeFuRsftqFFOw:7F94NiCpjGs35WRljLA66AFniw

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks