Overview

overview

10

Static

static

3

9361c14d3a...bd.exe

windows7-x64

10

9361c14d3a...bd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9361c14d3a1508735af38497ef5936bd

  • Size

    314KB

  • Sample

    231219-y6htasddhn

  • MD5

    9361c14d3a1508735af38497ef5936bd

  • SHA1

    072c7083369882d1e29852d9d5935a96a0773181

  • SHA256

    51a96294b058e958d144025842e511d474f368423f02db59a02556f1398f6999

  • SHA512

    0c09b9f98a57b583134e93c53220070b783445cab476a4692c60c04a5d5d3ad8e8dcbb4ddeb690529ca135a0d2ac295476e3a821de972166d0b94043b244e28d

  • SSDEEP

    6144:76egjFeYjP3rsLsDCihb120YlaXODVyFUi4yuteEsaqImMD0z:enx/jP3ttYoewSOaqImk0

Score
10/10
redlinesectopratutsinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.20:13441

Targets

    • Target

      9361c14d3a1508735af38497ef5936bd

    • Size

      314KB

    • MD5

      9361c14d3a1508735af38497ef5936bd

    • SHA1

      072c7083369882d1e29852d9d5935a96a0773181

    • SHA256

      51a96294b058e958d144025842e511d474f368423f02db59a02556f1398f6999

    • SHA512

      0c09b9f98a57b583134e93c53220070b783445cab476a4692c60c04a5d5d3ad8e8dcbb4ddeb690529ca135a0d2ac295476e3a821de972166d0b94043b244e28d

    • SSDEEP

      6144:76egjFeYjP3rsLsDCihb120YlaXODVyFUi4yuteEsaqImMD0z:enx/jP3ttYoewSOaqImk0

    Score
    10/10
    redlinesectopratutsinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks