General

  • Target

    5b9bc56c8346fda5822813ddd6f38655

  • Size

    329KB

  • Sample

    231219-ttserafdf5

  • MD5

    5b9bc56c8346fda5822813ddd6f38655

  • SHA1

    d631bdcee0f6c6280e6238fd5fb84711cce944f5

  • SHA256

    89e482c9faf5accfa4e7ed30ef38eb3280b7cf628a341e55f527b46cdb2e9731

  • SHA512

    b06546a74c045f52ce410e3592b61630f06832f003c441002d8b0204c7fe0239b74dfc936597ecfec8e892205822b64b648c328540ab47d5b69e8e72bc548973

  • SSDEEP

    6144:mop8Jvgx8TA3W/zOGe7T2EWmpIJ+nRk87WgtPyHRbJEZWeQ2Ey/i7jkY/HeYA1Fa:moS4x8TA3GnG2dmdRk8ttWtJ4EnjV/HL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    build

  • C2

    185.244.182.136:51832

  • Attributes

    • auth_value

      275ce2c87153d4e8e3cc276c686a93de

Targets

    • Target

      5b9bc56c8346fda5822813ddd6f38655

    • Size

      329KB

    • MD5

      5b9bc56c8346fda5822813ddd6f38655

    • SHA1

      d631bdcee0f6c6280e6238fd5fb84711cce944f5

    • SHA256

      89e482c9faf5accfa4e7ed30ef38eb3280b7cf628a341e55f527b46cdb2e9731

    • SHA512

      b06546a74c045f52ce410e3592b61630f06832f003c441002d8b0204c7fe0239b74dfc936597ecfec8e892205822b64b648c328540ab47d5b69e8e72bc548973

    • SSDEEP

      6144:mop8Jvgx8TA3W/zOGe7T2EWmpIJ+nRk87WgtPyHRbJEZWeQ2Ey/i7jkY/HeYA1Fa:moS4x8TA3GnG2dmdRk8ttWtJ4EnjV/HL

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks