Overview

overview

10

Static

static

3

ced83ccadb...86.exe

windows7-x64

10

ced83ccadb...86.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ced83ccadb60e298b3933435d6253d86

  • Size

    291KB

  • Sample

    240316-xw9nlabg46

  • MD5

    ced83ccadb60e298b3933435d6253d86

  • SHA1

    7feadc836c7691144b312ccb6a793f72713be892

  • SHA256

    28fa004d2c07338923ab87cb99670da4dadadc981604d2344a9d203e0ff37e4a

  • SHA512

    23820163321d77a54ebf436d6bab8cc2506651472d4bc624d7ac2944a2ac336a968d7021fe9fd97c2428e522e60abf9de052bb46f596b2f826e5f0c557207e49

  • SSDEEP

    6144:jP77LSds2oxYi7tgsLc0hY9hjNQDBQXNMGd7TuK:jP77uegap+9bgBQh7T

Score
10/10
redlinesectoprattestinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

test

C2

193.56.146.78:51487

Targets

    • Target

      ced83ccadb60e298b3933435d6253d86

    • Size

      291KB

    • MD5

      ced83ccadb60e298b3933435d6253d86

    • SHA1

      7feadc836c7691144b312ccb6a793f72713be892

    • SHA256

      28fa004d2c07338923ab87cb99670da4dadadc981604d2344a9d203e0ff37e4a

    • SHA512

      23820163321d77a54ebf436d6bab8cc2506651472d4bc624d7ac2944a2ac336a968d7021fe9fd97c2428e522e60abf9de052bb46f596b2f826e5f0c557207e49

    • SSDEEP

      6144:jP77LSds2oxYi7tgsLc0hY9hjNQDBQXNMGd7TuK:jP77uegap+9bgBQh7T

    Score
    10/10
    redlinesectoprattestinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks