Overview

overview

10

Static

static

3

c844c77a40...1d.exe

windows7-x64

10

c844c77a40...1d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c844c77a4052cd87225ef065c71abb1d

  • Size

    269KB

  • Sample

    240314-lczhqsag27

  • MD5

    c844c77a4052cd87225ef065c71abb1d

  • SHA1

    a2fa85d3b42005660c622aa1e59708d38a8b57b0

  • SHA256

    d319ddd3d52abce88199f3b7d1385bb3258290139b8b05a1ef2b672af8da2fba

  • SHA512

    0e923e260e29672e9d33e924cfb775fb4eca26ebc66bee09d0b7f28983f06aa47e9f0d6c331517a6ab09d8ddf583fa0aafeb89d150d982bd20ad41a1338d3cbb

  • SSDEEP

    6144:rCuzu9S4sWp7RsmuBAtelVBSrqEYg5VHwhZU9sI5/:rCuy5sS1uBAteleqEYyVec

Score
10/10
redlinesectoprathelloinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

hello

C2

80.66.87.33:36976

Targets

    • Target

      c844c77a4052cd87225ef065c71abb1d

    • Size

      269KB

    • MD5

      c844c77a4052cd87225ef065c71abb1d

    • SHA1

      a2fa85d3b42005660c622aa1e59708d38a8b57b0

    • SHA256

      d319ddd3d52abce88199f3b7d1385bb3258290139b8b05a1ef2b672af8da2fba

    • SHA512

      0e923e260e29672e9d33e924cfb775fb4eca26ebc66bee09d0b7f28983f06aa47e9f0d6c331517a6ab09d8ddf583fa0aafeb89d150d982bd20ad41a1338d3cbb

    • SSDEEP

      6144:rCuzu9S4sWp7RsmuBAtelVBSrqEYg5VHwhZU9sI5/:rCuy5sS1uBAteleqEYyVec

    Score
    10/10
    redlinesectoprathelloinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks