Overview

overview

10

Static

static

3

E2AACFD63A...2D.exe

windows7-x64

10

E2AACFD63A...2D.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    E2AACFD63AE1C0FD1A82024BBB866D2D.exe

  • Size

    800KB

  • Sample

    240103-lybzkacfaj

  • MD5

    e2aacfd63ae1c0fd1a82024bbb866d2d

  • SHA1

    b033201cf888b03a2f7cde167773bd427427d04d

  • SHA256

    326f39b2d29896b3748625b4bab991da83ce7583b35dc0ed984455c77f24057b

  • SHA512

    f96c810d47d32db4feb4b1f304e03e7159d8761b32de3a97ee53ff397c43688693864de1ddddc7ca6af63eb6ff5fcdb4dd31725df2ac33e5e575acbc7b820ac5

  • SSDEEP

    6144:H3JDlwIqZnV8VM1p5AlHcs/fOPwHHWUvhtJIJ25K9ne1bKgXTVm7KJEr+yRr41u6:+Ecs+TCh78oK9nj6Ay4RTNdHIPpEL

Score
10/10
redlinesectopratcheatinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

185.222.58.113:55615

Targets

    • Target

      E2AACFD63AE1C0FD1A82024BBB866D2D.exe

    • Size

      800KB

    • MD5

      e2aacfd63ae1c0fd1a82024bbb866d2d

    • SHA1

      b033201cf888b03a2f7cde167773bd427427d04d

    • SHA256

      326f39b2d29896b3748625b4bab991da83ce7583b35dc0ed984455c77f24057b

    • SHA512

      f96c810d47d32db4feb4b1f304e03e7159d8761b32de3a97ee53ff397c43688693864de1ddddc7ca6af63eb6ff5fcdb4dd31725df2ac33e5e575acbc7b820ac5

    • SSDEEP

      6144:H3JDlwIqZnV8VM1p5AlHcs/fOPwHHWUvhtJIJ25K9ne1bKgXTVm7KJEr+yRr41u6:+Ecs+TCh78oK9nj6Ay4RTNdHIPpEL

    Score
    10/10
    redlinesectopratcheatinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks