General

  • Target

    5edfec324acf289cba05be172c2a0750

  • Size

    328KB

  • Sample

    231219-t3qyaafbgj

  • MD5

    5edfec324acf289cba05be172c2a0750

  • SHA1

    236bcc761839b43fa7dbdc5011da7cf880aa23af

  • SHA256

    7d6b77352ac9ecf44f8bca2c79b4cdf0c98947b76018b94abbe5e65651f1bb78

  • SHA512

    f8b971847467b07d509c0579e18726881372b4434230db1168a694529fa48df9b0e53da57d8485d00cca61d2060d6228bd8e7549e12c8b7f14ea81b732fb8b51

  • SSDEEP

    6144:7oojJvgNiCpj8ZLOtFH7h5WRhfJZ7XA66ybDIhaeFuRsftqFFOj:7F94NiCpjGs35WRljLA66AFnij

Malware Config

Extracted

  • Family

    redline

  • Botnet

    build

  • C2

    185.244.182.136:51832

  • Attributes

      • auth_value

        275ce2c87153d4e8e3cc276c686a93de

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
