redline | 8ed3614337b30b6f52623f70618a84fa64fe6404a2592b1bca3b4c81506e4b6a | Triage

Submit
Reports

Overview

overview

Static

static

1

b49e1e828c...a2.exe

windows7-x64

b49e1e828c...a2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b49e1e828ca85a5ba4232536589ae8a2
Size

1.2MB
Sample

240305-ntq9sseg67
MD5

b49e1e828ca85a5ba4232536589ae8a2
SHA1

1bb799fbcf26121be3f67384b662cc22f0955878
SHA256

8ed3614337b30b6f52623f70618a84fa64fe6404a2592b1bca3b4c81506e4b6a
SHA512

fc974b107f7c5eee416baa7a9386cca5cf2675edec78bd4410f0773abcab7264041e4fe16f4fc84a59e3535080266dab9da6d7d0e195e5dce5f060d408a08165
SSDEEP

24576:99qHeJtAb2DxPeuXe7gmS3yfNsBkofce/z2p0L/rN4krwVf:lHFUuO7bS3ksBp72pAqG

Score

10^/10

redline sectoprat bugatti infostealer rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

b49e1e828ca85a5ba4232536589ae8a2.exe

Resource

win7-20240221-en

redline sectoprat bugatti infostealer rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b49e1e828ca85a5ba4232536589ae8a2.exe

Resource

win10v2004-20240226-en

redline sectoprat bugatti infostealer rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

Bugatti

C2

45.88.3.176:17033

Targets

- Target
  
  b49e1e828ca85a5ba4232536589ae8a2
- Size
  
  1.2MB
- MD5
  
  b49e1e828ca85a5ba4232536589ae8a2
- SHA1
  
  1bb799fbcf26121be3f67384b662cc22f0955878
- SHA256
  
  8ed3614337b30b6f52623f70618a84fa64fe6404a2592b1bca3b4c81506e4b6a
- SHA512
  
  fc974b107f7c5eee416baa7a9386cca5cf2675edec78bd4410f0773abcab7264041e4fe16f4fc84a59e3535080266dab9da6d7d0e195e5dce5f060d408a08165
- SSDEEP
  
  24576:99qHeJtAb2DxPeuXe7gmS3yfNsBkofce/z2p0L/rN4krwVf:lHFUuO7bS3ksBp72pAqG
Score

10^/10

redline sectoprat bugatti infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratbugattiinfostealerrattrojan

behavioral2

redlinesectopratbugattiinfostealerrattrojan

© 2018-2025

Terms | Privacy