Overview

overview

10

Static

static

1

a1ed011dcb...e9.exe

windows7-x64

10

a1ed011dcb...e9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1ed011dcb51f6787c27f09124345fe9

  • Size

    563KB

  • Sample

    240224-qb4hhsce42

  • MD5

    a1ed011dcb51f6787c27f09124345fe9

  • SHA1

    7abf9da22e35d13a2ad6a7e7fcf5773bae016bd1

  • SHA256

    7343b3706d03e104cdebd561ec441807a5424d4b48778a1396388c654a5e123c

  • SHA512

    ab3efddb8b9d15f8e0f63064f3e94d3cb72cb2cd1ceaf2479a4cd42c6a30cb378d97fc8c40d8e6c3a55fccff3d11d30aa81b1b9010cec533ec13acb187cff762

  • SSDEEP

    6144:+++4fSzkNDYb+iuD6eQpSdYtYZsoL6EAwKM8TE/2H9:O4GysbluueaSatYZGMw1H9

Score
10/10
redlinesectoprat22infostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

22

C2

GAMELABPRO.CLUB:80

Targets

    • Target

      a1ed011dcb51f6787c27f09124345fe9

    • Size

      563KB

    • MD5

      a1ed011dcb51f6787c27f09124345fe9

    • SHA1

      7abf9da22e35d13a2ad6a7e7fcf5773bae016bd1

    • SHA256

      7343b3706d03e104cdebd561ec441807a5424d4b48778a1396388c654a5e123c

    • SHA512

      ab3efddb8b9d15f8e0f63064f3e94d3cb72cb2cd1ceaf2479a4cd42c6a30cb378d97fc8c40d8e6c3a55fccff3d11d30aa81b1b9010cec533ec13acb187cff762

    • SSDEEP

      6144:+++4fSzkNDYb+iuD6eQpSdYtYZsoL6EAwKM8TE/2H9:O4GysbluueaSatYZGMw1H9

    Score
    10/10
    redlinesectoprat22infostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks