Overview

overview

10

Static

static

3

a4118db763...a0.exe

windows7-x64

10

a4118db763...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4118db763f38f44c6869f3d46442aa0

  • Size

    187KB

  • Sample

    240225-r9p88aeb35

  • MD5

    a4118db763f38f44c6869f3d46442aa0

  • SHA1

    6842ee38f9fc7fc7d0aa7b3eaff33e9d2de507b3

  • SHA256

    daa06f4f0bc4c42eba48a486cc1497d31c594704b23f36855c71a3ba4dd0c49e

  • SHA512

    577a92cb503a8de18b18c296b8617f7bcce9bf032a480cda529b2a0b0247cb5fcc165d54bd7cab9eeb5c4a3e7a64f172ccb39b1d0b9d12e1cc2f9e353eb1086f

  • SSDEEP

    3072:Qe7pk3xgA7SGb9GwaBE9cssXl2Ry6t9mYWUkWyqojjjRbj5WWWWWWW+d6has4K+M:dk3xl7SAGCVR3+YEqojjjRxWWWWWWW+M

Score
10/10
redlinesectoprat3infostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

3

C2

deyrolorme.xyz:80

xariebelal.xyz:80

anihelardd.xyz:80

Targets

    • Target

      a4118db763f38f44c6869f3d46442aa0

    • Size

      187KB

    • MD5

      a4118db763f38f44c6869f3d46442aa0

    • SHA1

      6842ee38f9fc7fc7d0aa7b3eaff33e9d2de507b3

    • SHA256

      daa06f4f0bc4c42eba48a486cc1497d31c594704b23f36855c71a3ba4dd0c49e

    • SHA512

      577a92cb503a8de18b18c296b8617f7bcce9bf032a480cda529b2a0b0247cb5fcc165d54bd7cab9eeb5c4a3e7a64f172ccb39b1d0b9d12e1cc2f9e353eb1086f

    • SSDEEP

      3072:Qe7pk3xgA7SGb9GwaBE9cssXl2Ry6t9mYWUkWyqojjjRbj5WWWWWWW+d6has4K+M:dk3xl7SAGCVR3+YEqojjjRxWWWWWWW+M

    Score
    10/10
    redlinesectoprat3infostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks