redline | bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45 | Triage

Submit
Reports

Overview

overview

Static

static

bbb41484a2...45.exe

windows7-x64

bbb41484a2...45.exe

windows10-2004-x64

Sharing

General

Target

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45
Size

105KB
Sample

240308-tskcrabf26
MD5

7e15ed0fbe9ef1c7b748c9734794f68d
SHA1

d6e02d5fdba53769ff4aae1a74a843e34ef85133
SHA256

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45
SHA512

e505d1e90634a72b0926070af49bd9f96e0dd040f79bc4e683c27d4cef65c8a7572dd4e086708990e6fd7be257b24ee1cc2bcb4be648b7a0783d4e3ebd93554e
SSDEEP

1536:SqsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2v3teulgS6pEGIrx:wAMOY3+zi0ZbYe1g0ujyzdzEGIF

Score

10^/10

redline sectoprat cheat infostealer rat trojan

Static task

static1

cheat redline sectoprat

4 signatures

Behavioral task

behavioral1

Sample

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45.exe

Resource

win7-20240221-en

redline sectoprat cheat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45.exe

Resource

win10v2004-20240226-en

redline sectoprat cheat infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

31.210.43.215:51414

Targets

- Target
  
  bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45
- Size
  
  105KB
- MD5
  
  7e15ed0fbe9ef1c7b748c9734794f68d
- SHA1
  
  d6e02d5fdba53769ff4aae1a74a843e34ef85133
- SHA256
  
  bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45
- SHA512
  
  e505d1e90634a72b0926070af49bd9f96e0dd040f79bc4e683c27d4cef65c8a7572dd4e086708990e6fd7be257b24ee1cc2bcb4be648b7a0783d4e3ebd93554e
- SSDEEP
  
  1536:SqsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2v3teulgS6pEGIrx:wAMOY3+zi0ZbYe1g0ujyzdzEGIF
Score

10^/10

redline sectoprat cheat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatinfostealerrattrojan

behavioral2

redlinesectopratcheatinfostealerrattrojan

© 2018-2024

Terms | Privacy