General

  • Target

    cd8d9d0902ce5c52dd03adfc0feafa39

  • Size

    328KB

  • Sample

    231220-r7zd4sfhfk

  • MD5

    cd8d9d0902ce5c52dd03adfc0feafa39

  • SHA1

    1e89e7cb080028f0e2c1e9d163e74dcbff9a028a

  • SHA256

    5804d3cd117a05ef7d7e5d5f5218a59215a9d17428c2c22485596d7b432cb288

  • SHA512

    0cbaa8ba3d77899116513ca4b50e471a13ff09b53cf2958d45c8044140909c4137eca9da2bfdd24729bec78817e4af8431fc9d23bae54bfd6859b381cef9544d

  • SSDEEP

    6144:7oojJvgNiCpj8ZLOtFH7h5WRhfJZ7XA66ybDIhaeFuRsftqFFON:7F94NiCpjGs35WRljLA66AFniN

Malware Config

Extracted

Family

redline

Botnet

build

C2

185.244.182.136:51832

Attributes
  • auth_value

    275ce2c87153d4e8e3cc276c686a93de

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload