Overview

overview

10

Static

static

3

6225b8ad7c...41.exe

windows7-x64

10

6225b8ad7c...41.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6225b8ad7cc8e98f25d81628dd34a441

  • Size

    250KB

  • Sample

    240117-jx7zhabdeq

  • MD5

    6225b8ad7cc8e98f25d81628dd34a441

  • SHA1

    871779ad47201df04460accea06f39820a68d840

  • SHA256

    dc350b4c1e2acbe6e6406c408640b7e7817a07b4ffd0dc227a602b9e93de5ab3

  • SHA512

    15c816ce2e46f194bfec9d665ef2bbd84bba1e21ed81038b4b53b02f74fec3ed7f7f75b905122ea009ecd29d35fa827412d2fae2c4d6fa332dd725da29600214

  • SSDEEP

    3072:oh9O/JPFujjKt0+3cdHl+tKyjAnalNScbA5dCCPhRBUDo+Q9Jn5gJ5+pFFMGYJQe:ntFuXzdFHqTlNDsjRmDo+QznuypFzG

Score
10/10
redlinesectopratpubinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

pub

C2

193.56.146.78:51487

Targets

    • Target

      6225b8ad7cc8e98f25d81628dd34a441

    • Size

      250KB

    • MD5

      6225b8ad7cc8e98f25d81628dd34a441

    • SHA1

      871779ad47201df04460accea06f39820a68d840

    • SHA256

      dc350b4c1e2acbe6e6406c408640b7e7817a07b4ffd0dc227a602b9e93de5ab3

    • SHA512

      15c816ce2e46f194bfec9d665ef2bbd84bba1e21ed81038b4b53b02f74fec3ed7f7f75b905122ea009ecd29d35fa827412d2fae2c4d6fa332dd725da29600214

    • SSDEEP

      3072:oh9O/JPFujjKt0+3cdHl+tKyjAnalNScbA5dCCPhRBUDo+Q9Jn5gJ5+pFFMGYJQe:ntFuXzdFHqTlNDsjRmDo+QznuypFzG

    Score
    10/10
    redlinesectopratpubinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks