Malware Analysis Report

2025-08-10 16:53

Sample ID: 231225-2gnj2acfh5
Target: 40739461598b1bbd16df55e689ea2953
SHA256: 4e6b5e4835fb5f96a4b1337c5923ca79c4e0e0d7de1bd307ba1d6908634a4c2c
Tags: netframework redline sectoprat
Score: 10/10

Analysis Overview

Score: 10/10

SHA256: 4e6b5e4835fb5f96a4b1337c5923ca79c4e0e0d7de1bd307ba1d6908634a4c2c

Threat Level: Known bad

The file 40739461598b1bbd16df55e689ea2953 was found to be: Known bad.

Malicious Activity Summary

netframework redline sectoprat

RedLine payload

Redline family

SectopRAT payload

Sectoprat family

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2023-12-25 22:33

Signatures

RedLine payload

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Redline family

redline

SectopRAT payload

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Sectoprat family

sectoprat

Unsigned PE

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Analysis: behavioral2

Detonation Overview

Submitted: 2023-12-25 22:33

Reported: 2023-12-29 16:43

Platform: win10v2004-20231215-en

Max time network: 9s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
US | 20.231.121.79:80 | | tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2023-12-25 22:33

Reported: 2023-12-29 16:42

Platform: win7-20231129-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A