redline | 752cc244ad2a7d0e4fa6128304df14ecedaad840a641384546ec292f123619ab | Triage

Submit
Reports

Overview

overview

Static

static

1

6e10a6fbc1...73.exe

windows7-x64

6e10a6fbc1...73.exe

windows10-2004-x64

Sharing

General

Target

6e10a6fbc11e4be9196d2218660c3073
Size

209KB
Sample

231226-pjb8kabfd9
MD5

6e10a6fbc11e4be9196d2218660c3073
SHA1

47a2ebb192d54701d2ac1e9b76911baa31eb2972
SHA256

752cc244ad2a7d0e4fa6128304df14ecedaad840a641384546ec292f123619ab
SHA512

2d53ad9e9e543749edd3309e3f03dd3c05c67662d86aa5875875e28c03bba0e5f724ea443ecdb754dad151d83ac979a0213d898ee8e02eca0aca18aac52adcd9
SSDEEP

3072:+khfaKvLtC/N78aRX6AyKjNVnZTZNWz/6szqAw36lHDf+:+/KvLwljRX1yKpV1iLmAw6jf+

Score

10^/10

redline sectoprat forinstalls infostealer rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

6e10a6fbc11e4be9196d2218660c3073.exe

Resource

win7-20231215-en

redline sectoprat forinstalls infostealer rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e10a6fbc11e4be9196d2218660c3073.exe

Resource

win10v2004-20231215-en

redline sectoprat forinstalls infostealer rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

forinstalls

C2

77.220.213.35:52349

Targets

- Target
  
  6e10a6fbc11e4be9196d2218660c3073
- Size
  
  209KB
- MD5
  
  6e10a6fbc11e4be9196d2218660c3073
- SHA1
  
  47a2ebb192d54701d2ac1e9b76911baa31eb2972
- SHA256
  
  752cc244ad2a7d0e4fa6128304df14ecedaad840a641384546ec292f123619ab
- SHA512
  
  2d53ad9e9e543749edd3309e3f03dd3c05c67662d86aa5875875e28c03bba0e5f724ea443ecdb754dad151d83ac979a0213d898ee8e02eca0aca18aac52adcd9
- SSDEEP
  
  3072:+khfaKvLtC/N78aRX6AyKjNVnZTZNWz/6szqAw36lHDf+:+/KvLwljRX1yKpV1iLmAw6jf+
Score

10^/10

redline sectoprat forinstalls infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratforinstallsinfostealerrattrojan

behavioral2

redlinesectopratforinstallsinfostealerrattrojan

© 2018-2024

Terms | Privacy