redline | 6d807d0723b2a5cc11bb2f7e83b678cfd9f981c17dc9fa32d6c79aa42dfd31bd | Triage

Submit
Reports

Overview

overview

Static

static

11821df017...cf.exe

windows7-x64

11821df017...cf.exe

windows10-2004-x64

Sharing

General

Target

11821df0179e7acadb1226ffb045b8cf
Size

100KB
Sample

231230-hnkxyahed9
MD5

11821df0179e7acadb1226ffb045b8cf
SHA1

fd30b6b8fb5250d3816922b58b2921e7f6f8b473
SHA256

6d807d0723b2a5cc11bb2f7e83b678cfd9f981c17dc9fa32d6c79aa42dfd31bd
SHA512

3aa6a4f81636fbac9c19bc0fb451cd9241376e53b8d68ce0a0d56f841c0d4662fe566e2ef97ddf968120a29c880821cbb1679596f43774920fdae630afd58532
SSDEEP

1536:Bm386AEAlBxdBBMWB/LgdS/4aQzd7hgbue7v5uvByAsdNDi1xQeTEyG6WAaoigY:Bi86AdzzaaQzda35uJydd0svAo

Score

10^/10

redline sectoprat abobi isid infostealer rat trojan

Static task

static1

abobi isid redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

11821df0179e7acadb1226ffb045b8cf.exe

Resource

win7-20231215-en

redline sectoprat abobi isid infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

11821df0179e7acadb1226ffb045b8cf.exe

Resource

win10v2004-20231215-en

redline sectoprat abobi isid infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

abobi isid

C2

209.250.247.73:64156

Targets

- Target
  
  11821df0179e7acadb1226ffb045b8cf
- Size
  
  100KB
- MD5
  
  11821df0179e7acadb1226ffb045b8cf
- SHA1
  
  fd30b6b8fb5250d3816922b58b2921e7f6f8b473
- SHA256
  
  6d807d0723b2a5cc11bb2f7e83b678cfd9f981c17dc9fa32d6c79aa42dfd31bd
- SHA512
  
  3aa6a4f81636fbac9c19bc0fb451cd9241376e53b8d68ce0a0d56f841c0d4662fe566e2ef97ddf968120a29c880821cbb1679596f43774920fdae630afd58532
- SSDEEP
  
  1536:Bm386AEAlBxdBBMWB/LgdS/4aQzd7hgbue7v5uvByAsdNDi1xQeTEyG6WAaoigY:Bi86AdzzaaQzda35uJydd0svAo
Score

10^/10

redline sectoprat abobi isid infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

abobi isidredlinesectoprat

behavioral1

redlinesectopratabobi isidinfostealerrattrojan

behavioral2

redlinesectopratabobi isidinfostealerrattrojan

© 2018-2024

Terms | Privacy