redline | bf96ed8aa602b7611ef90657e75b9612d2a49e57acdfaf4c3f8b40ef562651cc | Triage

Submit
Reports

Overview

overview

Static

static

3

757f0a9413...29.exe

windows7-x64

757f0a9413...29.exe

windows10-2004-x64

Sharing

General

Target

757f0a9413bdf1e4b1c9b9abc66eb629
Size

423KB
Sample

240125-zpdnpafbf6
MD5

757f0a9413bdf1e4b1c9b9abc66eb629
SHA1

248f4810bb3d4350b2bb09eced1c557e9fcc8740
SHA256

bf96ed8aa602b7611ef90657e75b9612d2a49e57acdfaf4c3f8b40ef562651cc
SHA512

187b009618d29c7414e74e84a4fc99ee206004f5d519fa462d159b6c2843a6237ea3ee8168647cddea30a4ce77293cf40d84c9b965c8ebaeec718a101a191e04
SSDEEP

6144:Q7aSvtHjxBLSfDQLUj1iA+rfdSjGpsoZ2bcgy4rvEGs7437sFjrJKPiEOr11Hk7K:OvtD/PLUjcwjGmo6HvjsEAFjcRYNk8C

Score

10^/10

redline sectoprat sewpalpadin infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

757f0a9413bdf1e4b1c9b9abc66eb629.exe

Resource

win7-20231215-en

redline sectoprat sewpalpadin infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

757f0a9413bdf1e4b1c9b9abc66eb629.exe

Resource

win10v2004-20231215-en

redline sectoprat sewpalpadin infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  757f0a9413bdf1e4b1c9b9abc66eb629
- Size
  
  423KB
- MD5
  
  757f0a9413bdf1e4b1c9b9abc66eb629
- SHA1
  
  248f4810bb3d4350b2bb09eced1c557e9fcc8740
- SHA256
  
  bf96ed8aa602b7611ef90657e75b9612d2a49e57acdfaf4c3f8b40ef562651cc
- SHA512
  
  187b009618d29c7414e74e84a4fc99ee206004f5d519fa462d159b6c2843a6237ea3ee8168647cddea30a4ce77293cf40d84c9b965c8ebaeec718a101a191e04
- SSDEEP
  
  6144:Q7aSvtHjxBLSfDQLUj1iA+rfdSjGpsoZ2bcgy4rvEGs7437sFjrJKPiEOr11Hk7K:OvtD/PLUjcwjGmo6HvjsEAFjcRYNk8C
Score

10^/10

redline sectoprat sewpalpadin infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratsewpalpadininfostealerrattrojan

behavioral2

redlinesectopratsewpalpadininfostealerrattrojan

© 2018-2024

Terms | Privacy