redline | 252ace27adb191fc5b0635a7cf2a96fc96957ee523911b2c44837afbcaf56779 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

5a115ce172...aa.exe

windows7-x64

5a115ce172...aa.exe

windows10-2004-x64

1

Sharing

General

Target

5a115ce1728a979b13bd527b4b3882aa
Size

396KB
Sample

231226-hdn7lshae6
MD5

5a115ce1728a979b13bd527b4b3882aa
SHA1

273f1a1915b442eaa179b292a725a0d95dc023eb
SHA256

252ace27adb191fc5b0635a7cf2a96fc96957ee523911b2c44837afbcaf56779
SHA512

b58ae1946ec98d3e971099a1c8382070fce6bb6a95835d85e96121facf4eeeee1d306b84c2e655e8bb97b13aaf58d9a310bc3842de89fc91a70660759d71802a
SSDEEP

6144:CMRyuNIzPNMWgO+a66q3GT7NkPJXkSt1KbbL7rnhYoTKLxzOxdiFVkUn9hppsczp:NtNIb2Wn+a660Xz0HL/CuKLo0FbJnzp

Score

10^/10

redline sectoprat cuc infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5a115ce1728a979b13bd527b4b3882aa.exe

Resource

win7-20231215-en

redline sectoprat cuc infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a115ce1728a979b13bd527b4b3882aa.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

CUC

C2

185.215.113.45:41009

Targets

- Target
  
  5a115ce1728a979b13bd527b4b3882aa
- Size
  
  396KB
- MD5
  
  5a115ce1728a979b13bd527b4b3882aa
- SHA1
  
  273f1a1915b442eaa179b292a725a0d95dc023eb
- SHA256
  
  252ace27adb191fc5b0635a7cf2a96fc96957ee523911b2c44837afbcaf56779
- SHA512
  
  b58ae1946ec98d3e971099a1c8382070fce6bb6a95835d85e96121facf4eeeee1d306b84c2e655e8bb97b13aaf58d9a310bc3842de89fc91a70660759d71802a
- SSDEEP
  
  6144:CMRyuNIzPNMWgO+a66q3GT7NkPJXkSt1KbbL7rnhYoTKLxzOxdiFVkUn9hppsczp:NtNIb2Wn+a660Xz0HL/CuKLo0FbJnzp
Score

10^/10

redline sectoprat cuc infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratcucinfostealerrattrojan

behavioral2

© 2018-2025

Terms | Privacy