redline | 057817c6a71d51a17193ccc891dce293938ff72a8021336718c3eb9d5b47c518 | Triage

Submit
Reports

Overview

overview

Static

static

3

5527f9b686...fd.exe

windows7-x64

5527f9b686...fd.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

5527f9b68654ac5ec99d2839434c4ffd
Size

389KB
Sample

231226-fcm7tagfh4
MD5

5527f9b68654ac5ec99d2839434c4ffd
SHA1

7eedeb5bac514a179bc7cc46a44572b0e9ff121e
SHA256

057817c6a71d51a17193ccc891dce293938ff72a8021336718c3eb9d5b47c518
SHA512

ca5770a34ba39cd999b0698e3e9b717fcd2a755390b69117ef2e38e263b2d31df81a8da07c7788edf92145229be7bdb2288c197964035ddf2829fbb9187f660b
SSDEEP

6144:UJCUD10LYibzbK9jTMyUkxo4G8CFlr64s/V2orlB9siKqp7HSMayw4d0Aty4TJAc:KmYLrdAr6VNfrH/FyMQ+T+

Score

10^/10

redline sectoprat @red9xx infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5527f9b68654ac5ec99d2839434c4ffd.exe

Resource

win7-20231215-en

redline sectoprat @red9xx infostealer rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5527f9b68654ac5ec99d2839434c4ffd.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@Red9xX

C2

95.215.207.185:64399

Targets

- Target
  
  5527f9b68654ac5ec99d2839434c4ffd
- Size
  
  389KB
- MD5
  
  5527f9b68654ac5ec99d2839434c4ffd
- SHA1
  
  7eedeb5bac514a179bc7cc46a44572b0e9ff121e
- SHA256
  
  057817c6a71d51a17193ccc891dce293938ff72a8021336718c3eb9d5b47c518
- SHA512
  
  ca5770a34ba39cd999b0698e3e9b717fcd2a755390b69117ef2e38e263b2d31df81a8da07c7788edf92145229be7bdb2288c197964035ddf2829fbb9187f660b
- SSDEEP
  
  6144:UJCUD10LYibzbK9jTMyUkxo4G8CFlr64s/V2orlB9siKqp7HSMayw4d0Aty4TJAc:KmYLrdAr6VNfrH/FyMQ+T+
Score

10^/10

redline sectoprat @red9xx infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectoprat@red9xxinfostealerrattrojan

behavioral2

© 2018-2025

Terms | Privacy