redline | e3fcc56bcfd2108829e5bbb481f260e31828c4a38d93bc1ac294b48cff7245cc | Triage

Submit
Reports

Overview

overview

Static

static

3

65f02521e4...f5.exe

windows7-x64

65f02521e4...f5.exe

windows10-2004-x64

Sharing

General

Target

65f02521e4d3d357608eb923fa6930f5
Size

378KB
Sample

231226-l416msceaj
MD5

65f02521e4d3d357608eb923fa6930f5
SHA1

bc8165197cb12767ac93bc49922d1c7c67e2eb6b
SHA256

e3fcc56bcfd2108829e5bbb481f260e31828c4a38d93bc1ac294b48cff7245cc
SHA512

ee933f281dcc69f1dcac7975627c289b443cf14e6feb4863f8397c19a37e11d2f51baba85be740d962cc8d31347e763e03e486460e78a74cea32ecc423d61243
SSDEEP

6144:R2whUfR1GfxfRT4ROvAK+VZtJTiKBsM4d0WOFUehGhwPgdFHoU1:NhsR1GfxfRT4YoK+VZtJTZBsM4d0WOFS

Score

10^/10

redline sectoprat 777 infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

65f02521e4d3d357608eb923fa6930f5.exe

Resource

win7-20231215-en

redline sectoprat 777 infostealer rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

65f02521e4d3d357608eb923fa6930f5.exe

Resource

win10v2004-20231215-en

redline sectoprat 777 infostealer rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

777

C2

185.203.243.131:27365

Targets

- Target
  
  65f02521e4d3d357608eb923fa6930f5
- Size
  
  378KB
- MD5
  
  65f02521e4d3d357608eb923fa6930f5
- SHA1
  
  bc8165197cb12767ac93bc49922d1c7c67e2eb6b
- SHA256
  
  e3fcc56bcfd2108829e5bbb481f260e31828c4a38d93bc1ac294b48cff7245cc
- SHA512
  
  ee933f281dcc69f1dcac7975627c289b443cf14e6feb4863f8397c19a37e11d2f51baba85be740d962cc8d31347e763e03e486460e78a74cea32ecc423d61243
- SSDEEP
  
  6144:R2whUfR1GfxfRT4ROvAK+VZtJTiKBsM4d0WOFUehGhwPgdFHoU1:NhsR1GfxfRT4YoK+VZtJTZBsM4d0WOFS
Score

10^/10

redline sectoprat 777 infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectoprat777infostealerrattrojan

behavioral2

redlinesectoprat777infostealerrattrojan

© 2018-2024

Terms | Privacy