General

  • Target

    ecc773623762e2e326d7683a9758491b

  • Size

    429KB

  • Sample

    231220-vaha4shhd5

  • MD5

    ecc773623762e2e326d7683a9758491b

  • SHA1

    ad186c867976dc5909843418853d54d4065c24ba

  • SHA256

    8f97a40b4d9cf26913ab95eec548d75a8dad5a1a24d992d047e080070282d838

  • SHA512

    40e30981f533b19123ec3d84276a28acd282c01907398ca6d67155901cfaf2c2d6355dc708d0ecfc6c21b5c671b4c3bb87eeb53183b7085474a2acd302f038a4

  • SSDEEP

    12288:mUEg0pPvwCCCNUZDBL+MlU43opBzcWzuuZVY6:mdvpnwJXBaMx3opBVu

Malware Config

Extracted

Family

redline

Botnet

she

C2

135.181.129.119:4805

Attributes
  • auth_value

    b69102cdbd4afe2d3159f88fb6dac731

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
