redline | b2c5577e8c882eee0be28cb16350b7aa48c3052d410d421da4a9620a8c86807d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

c106958e5f...f6.exe

windows7-x64

c106958e5f...f6.exe

windows10-2004-x64

Sharing

General

Target

c106958e5fba3a3eb8c94656bc6dedf6
Size

105KB
Sample

240311-tnza4sbb68
MD5

c106958e5fba3a3eb8c94656bc6dedf6
SHA1

3df0b7c54244cb167707a2a9825e2e28699d272f
SHA256

b2c5577e8c882eee0be28cb16350b7aa48c3052d410d421da4a9620a8c86807d
SHA512

2597a9a8b0cf97780279a8627fa6e862f0cf974ff31c8a9f9a0b58f1bb6d845891e24075e1d76c527a11b9dae2eda7c61d90b29af2580ee01ede723e60b885c0
SSDEEP

1536:wo6aGr2CT0jE68c30H6lsf+oRxv7zauiw2eLgbue7vtuvNyAsd3letx5REnG6WAD:wdxiCT0+aWVe5DeM3tulydd4NW9apU3

Score

10^/10

redline sectoprat first_7.5k infostealer rat trojan

Static task

static1

first_7.5k redline sectoprat

4 signatures

Behavioral task

behavioral1

Sample

c106958e5fba3a3eb8c94656bc6dedf6.exe

Resource

win7-20240221-en

redline sectoprat first_7.5k infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

c106958e5fba3a3eb8c94656bc6dedf6.exe

Resource

win10v2004-20240226-en

redline sectoprat first_7.5k infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

FIRST_7.5k

C2

45.14.49.200:27625

Targets

- Target
  
  c106958e5fba3a3eb8c94656bc6dedf6
- Size
  
  105KB
- MD5
  
  c106958e5fba3a3eb8c94656bc6dedf6
- SHA1
  
  3df0b7c54244cb167707a2a9825e2e28699d272f
- SHA256
  
  b2c5577e8c882eee0be28cb16350b7aa48c3052d410d421da4a9620a8c86807d
- SHA512
  
  2597a9a8b0cf97780279a8627fa6e862f0cf974ff31c8a9f9a0b58f1bb6d845891e24075e1d76c527a11b9dae2eda7c61d90b29af2580ee01ede723e60b885c0
- SSDEEP
  
  1536:wo6aGr2CT0jE68c30H6lsf+oRxv7zauiw2eLgbue7vtuvNyAsd3letx5REnG6WAD:wdxiCT0+aWVe5DeM3tulydd4NW9apU3
Score

10^/10

redline sectoprat first_7.5k infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

first_7.5kredlinesectoprat

behavioral1

redlinesectopratfirst_7.5kinfostealerrattrojan

behavioral2

redlinesectopratfirst_7.5kinfostealerrattrojan

© 2018-2025

Terms | Privacy