redline | 6780a257463d037daff9f626aecee2347177edfb0851ee12d33ba225ab38f009 | Triage

Submit
Reports

Overview

overview

Static

static

411ca7ba89...35.exe

windows7-x64

411ca7ba89...35.exe

windows10-2004-x64

Sharing

General

Target

411ca7ba89ae45e92f9ed4663f903335
Size

107KB
Sample

240104-rwlc4scff2
MD5

411ca7ba89ae45e92f9ed4663f903335
SHA1

6360b07844800b8e6e6e2b11ee3c8d051c4a2e96
SHA256

6780a257463d037daff9f626aecee2347177edfb0851ee12d33ba225ab38f009
SHA512

bfd58e96af22f17fab2cff4b360d79621b738128c61f01420963a1119d27320eb97a64fef42819e9ea7ffab39289f19b82f8911e227236435a87151d55d9e754
SSDEEP

1536:Kt9pmqnRshOY9YWdO0VZs5WCict0nii+jbuqGdTnQuyq+dR+vdDjEmG6qTaoigi:YfRshZ9Ya7/s5WCi30GTn3yjdR0Yry

Score

10^/10

redline sectoprat @soul3ss infostealer rat trojan

Static task

static1

@soul3ss redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

411ca7ba89ae45e92f9ed4663f903335.exe

Resource

win7-20231215-en

redline sectoprat @soul3ss infostealer rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

411ca7ba89ae45e92f9ed4663f903335.exe

Resource

win10v2004-20231222-en

redline sectoprat @soul3ss infostealer rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@soul3ss

C2

188.130.139.12:30376

Targets

- Target
  
  411ca7ba89ae45e92f9ed4663f903335
- Size
  
  107KB
- MD5
  
  411ca7ba89ae45e92f9ed4663f903335
- SHA1
  
  6360b07844800b8e6e6e2b11ee3c8d051c4a2e96
- SHA256
  
  6780a257463d037daff9f626aecee2347177edfb0851ee12d33ba225ab38f009
- SHA512
  
  bfd58e96af22f17fab2cff4b360d79621b738128c61f01420963a1119d27320eb97a64fef42819e9ea7ffab39289f19b82f8911e227236435a87151d55d9e754
- SSDEEP
  
  1536:Kt9pmqnRshOY9YWdO0VZs5WCict0nii+jbuqGdTnQuyq+dR+vdDjEmG6qTaoigi:YfRshZ9Ya7/s5WCi30GTn3yjdR0Yry
Score

10^/10

redline sectoprat @soul3ss infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

@soul3ssredlinesectoprat

behavioral1

redlinesectoprat@soul3ssinfostealerrattrojan

behavioral2

redlinesectoprat@soul3ssinfostealerrattrojan

© 2018-2024

Terms | Privacy