Overview

overview

10

Static

static

1

8eef6d2361...50.exe

windows7-x64

10

8eef6d2361...50.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8eef6d2361a4ba46c76fc7390211ef50

  • Size

    497KB

  • Sample

    240204-mpfrtshffp

  • MD5

    8eef6d2361a4ba46c76fc7390211ef50

  • SHA1

    80d740edde7fffbd05ebaafbcf6d7bb8a02ad016

  • SHA256

    8a269b9cb003cde07e1b18b16cc59384343be9a9cb5ab71cb6f82ee5e2cd130b

  • SHA512

    95ce5f64b443158c2c5cce1d43431a099257c5d49e52d8a17f178df32c69c143ad0d46c8682cc4ff521639c05fc44bdd0ce414f994087cfd524f9d0d9d021513

  • SSDEEP

    6144:e33nzsAF7YrlbTyeaheHhpz85ka+wxdLsb/:OjsAF7YrlbO3hi9wsj

Score
10/10
redlinesectoprat3infostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

3

C2

45.88.107.116:44061

Targets

    • Target

      8eef6d2361a4ba46c76fc7390211ef50

    • Size

      497KB

    • MD5

      8eef6d2361a4ba46c76fc7390211ef50

    • SHA1

      80d740edde7fffbd05ebaafbcf6d7bb8a02ad016

    • SHA256

      8a269b9cb003cde07e1b18b16cc59384343be9a9cb5ab71cb6f82ee5e2cd130b

    • SHA512

      95ce5f64b443158c2c5cce1d43431a099257c5d49e52d8a17f178df32c69c143ad0d46c8682cc4ff521639c05fc44bdd0ce414f994087cfd524f9d0d9d021513

    • SSDEEP

      6144:e33nzsAF7YrlbTyeaheHhpz85ka+wxdLsb/:OjsAF7YrlbO3hi9wsj

    Score
    10/10
    redlinesectoprat3infostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks