Overview

overview

10

Static

static

3

c29f5d985d...de.exe

windows7-x64

10

c29f5d985d...de.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c29f5d985d1fc2385e75aafe283dd4de

  • Size

    278KB

  • Sample

    240312-gp226sca55

  • MD5

    c29f5d985d1fc2385e75aafe283dd4de

  • SHA1

    d4a4916c29d421b1b130511d6aa0f0c07dcfc6cd

  • SHA256

    398f20f05fdcbe0a4f677ec06e2f9f1690630701e70a872413bc90b556314b1b

  • SHA512

    a0688d42ef7f0b05e690ca43f7f171387f787b7ad75eab51f3e6b34d907c6e25318e1742bc4d5a7fce09e16dd0c3ef7055b4d6b6411c311183a2d5ed58b532b0

  • SSDEEP

    6144:8hh8puHcVEe7gOE1FvAewCLesLvJrLaLiM1tN3SRwoOL:8hGpAS9kPjvPLLzJrLaHLEwoO

Score
10/10
redlinesectoprattestinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

test

C2

205.185.119.191:18846

Targets

    • Target

      c29f5d985d1fc2385e75aafe283dd4de

    • Size

      278KB

    • MD5

      c29f5d985d1fc2385e75aafe283dd4de

    • SHA1

      d4a4916c29d421b1b130511d6aa0f0c07dcfc6cd

    • SHA256

      398f20f05fdcbe0a4f677ec06e2f9f1690630701e70a872413bc90b556314b1b

    • SHA512

      a0688d42ef7f0b05e690ca43f7f171387f787b7ad75eab51f3e6b34d907c6e25318e1742bc4d5a7fce09e16dd0c3ef7055b4d6b6411c311183a2d5ed58b532b0

    • SSDEEP

      6144:8hh8puHcVEe7gOE1FvAewCLesLvJrLaLiM1tN3SRwoOL:8hGpAS9kPjvPLLzJrLaHLEwoO

    Score
    10/10
    redlinesectoprattestinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks