Overview

overview

10

Static

static

3

b4211ff45f...5d.exe

windows7-x64

10

b4211ff45f...5d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4211ff45f36896041c6b9e69e00f45d

  • Size

    337KB

  • Sample

    240305-h8hy3sad45

  • MD5

    b4211ff45f36896041c6b9e69e00f45d

  • SHA1

    40defb8ae7e6abf2b359d51c858a4f5746fa2f47

  • SHA256

    be46da173776b82cc3c247addc9474d7f13821dc8edc1dc1b602d79406016b0b

  • SHA512

    2eafe9633e2cfa50c45ba48595d99f1017e35409f2cbe5332485e472fdf60b6032d5259e0cdb43b7a37ddf1e29f797f98425caa51c44d7630c8231d2685e23aa

  • SSDEEP

    3072:Bk0XPvhvK8GJYDe9lX7droYMUxR3WhhVYNkg7hpe1E6bYC2bRFLI0auMgmsp70Bp:/H4YarfMU33h6q0c8km3BPAnpQx5AH

Score
10/10
redlinesectopratsewpalpadininfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

    • Target

      b4211ff45f36896041c6b9e69e00f45d

    • Size

      337KB

    • MD5

      b4211ff45f36896041c6b9e69e00f45d

    • SHA1

      40defb8ae7e6abf2b359d51c858a4f5746fa2f47

    • SHA256

      be46da173776b82cc3c247addc9474d7f13821dc8edc1dc1b602d79406016b0b

    • SHA512

      2eafe9633e2cfa50c45ba48595d99f1017e35409f2cbe5332485e472fdf60b6032d5259e0cdb43b7a37ddf1e29f797f98425caa51c44d7630c8231d2685e23aa

    • SSDEEP

      3072:Bk0XPvhvK8GJYDe9lX7droYMUxR3WhhVYNkg7hpe1E6bYC2bRFLI0auMgmsp70Bp:/H4YarfMU33h6q0c8km3BPAnpQx5AH

    Score
    10/10
    redlinesectopratsewpalpadininfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks