Overview

overview

10

Static

static

3

7d77ad2af4...0d.exe

windows7-x64

10

7d77ad2af4...0d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d77ad2af41cd7e29f44f2ad4a11530d

  • Size

    310KB

  • Sample

    240128-t4n53sdfb5

  • MD5

    7d77ad2af41cd7e29f44f2ad4a11530d

  • SHA1

    7514356e6a30f9d86a19e96368335b676f944940

  • SHA256

    c928b6286755e717ca666cb49d655338583b839e093c6a5ac7087a93196b1f01

  • SHA512

    08b03a048444e1dbac773308b8e8b4538311e116e443d31a01924d252e8e56ebd904c195dd3fd1fa98b3ebf828924193796eaed7c5f3b52b62974bc28646f875

  • SSDEEP

    6144:rHgyDEFDeFe7oeniD0Gs77sh9OInINhoQB15p0JRAz4Z5vXA+ji5NPE:McE1eFe7oe2M8h98oQH5mJRNZK+G7M

Score
10/10
redlinesectopratpubinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

pub

C2

193.56.146.78:51487

Targets

    • Target

      7d77ad2af41cd7e29f44f2ad4a11530d

    • Size

      310KB

    • MD5

      7d77ad2af41cd7e29f44f2ad4a11530d

    • SHA1

      7514356e6a30f9d86a19e96368335b676f944940

    • SHA256

      c928b6286755e717ca666cb49d655338583b839e093c6a5ac7087a93196b1f01

    • SHA512

      08b03a048444e1dbac773308b8e8b4538311e116e443d31a01924d252e8e56ebd904c195dd3fd1fa98b3ebf828924193796eaed7c5f3b52b62974bc28646f875

    • SSDEEP

      6144:rHgyDEFDeFe7oeniD0Gs77sh9OInINhoQB15p0JRAz4Z5vXA+ji5NPE:McE1eFe7oe2M8h98oQH5mJRNZK+G7M

    Score
    10/10
    redlinesectopratpubinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks