redline | 590dbf85b61046f6b2991e7b640379b9e73841073c206fd2daa633148f4df910 | Triage

Submit
Reports

Overview

overview

Static

static

63110829dd...14.exe

windows7-x64

63110829dd...14.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

63110829dd5c037d4c40e48e6a095e14
Size

2.4MB
Sample

231226-k9en6agcg9
MD5

63110829dd5c037d4c40e48e6a095e14
SHA1

478d1587dbd126d25435c4402c8b282d7a296df9
SHA256

590dbf85b61046f6b2991e7b640379b9e73841073c206fd2daa633148f4df910
SHA512

543e4ef333e10d2b29418a6eb4206714668150bd6985c8ac6a6cc939837222ef60915b33f732009e1901bba834d51d65149a9bcde58889093a0fad0361d7cf48
SSDEEP

6144:phs8DFuQ4gFIOg+G/5yH9cMEKJhBy7/hyQgc:48xuvZ5yH9cM3By7

Score

10^/10

redline sectoprat infostealer rat trojan vmprotect

Static task

static1

vmprotect sectoprat

4 signatures

Behavioral task

behavioral1

Sample

63110829dd5c037d4c40e48e6a095e14.exe

Resource

win7-20231215-en

redline sectoprat infostealer rat trojan vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

63110829dd5c037d4c40e48e6a095e14.exe

Resource

win10v2004-20231215-en

redline sectoprat infostealer rat trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  63110829dd5c037d4c40e48e6a095e14
- Size
  
  2.4MB
- MD5
  
  63110829dd5c037d4c40e48e6a095e14
- SHA1
  
  478d1587dbd126d25435c4402c8b282d7a296df9
- SHA256
  
  590dbf85b61046f6b2991e7b640379b9e73841073c206fd2daa633148f4df910
- SHA512
  
  543e4ef333e10d2b29418a6eb4206714668150bd6985c8ac6a6cc939837222ef60915b33f732009e1901bba834d51d65149a9bcde58889093a0fad0361d7cf48
- SSDEEP
  
  6144:phs8DFuQ4gFIOg+G/5yH9cMEKJhBy7/hyQgc:48xuvZ5yH9cM3By7
Score

10^/10

redline sectoprat infostealer rat trojan vmprotect
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

vmprotectsectoprat

behavioral1

redlinesectopratinfostealerrattrojanvmprotect

behavioral2

redlinesectopratinfostealerrattrojanvmprotect

© 2018-2025

Terms | Privacy