Overview

overview

10

Static

static

3

c3b0bd9e7c...03.exe

windows7-x64

10

c3b0bd9e7c...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c3b0bd9e7c47bf11bfd7f0212e2e6403

  • Size

    396KB

  • Sample

    231228-e7ba3aacgp

  • MD5

    c3b0bd9e7c47bf11bfd7f0212e2e6403

  • SHA1

    f72d2b2170f1fec4c9791a19f4196d68146422d8

  • SHA256

    0ee76a38739c46c034b853dd31645d5b31a6bc81e4b6370e4832338c6ebe8310

  • SHA512

    36db8e885342955b57c942e42a7b683e4925a7283cf6465d351502995718b2ff9017d204d63925fee4b4c18225a381affaea354734ccf4680528fa176f161cb5

  • SSDEEP

    6144:wyFyj8tJ6okU7nqmWkGxGifNkPADID09R1+R+aMSr5R7aePCYEuGJmfctZXAEZ0d:hw8t03U7nqtxpDVR1WnMWee4XXXG

Score
10/10
redlinesectopratpubinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

185.215.113.45:41009

Targets

    • Target

      c3b0bd9e7c47bf11bfd7f0212e2e6403

    • Size

      396KB

    • MD5

      c3b0bd9e7c47bf11bfd7f0212e2e6403

    • SHA1

      f72d2b2170f1fec4c9791a19f4196d68146422d8

    • SHA256

      0ee76a38739c46c034b853dd31645d5b31a6bc81e4b6370e4832338c6ebe8310

    • SHA512

      36db8e885342955b57c942e42a7b683e4925a7283cf6465d351502995718b2ff9017d204d63925fee4b4c18225a381affaea354734ccf4680528fa176f161cb5

    • SSDEEP

      6144:wyFyj8tJ6okU7nqmWkGxGifNkPADID09R1+R+aMSr5R7aePCYEuGJmfctZXAEZ0d:hw8t03U7nqtxpDVR1WnMWee4XXXG

    Score
    10/10
    redlinesectopratpubinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks