Overview

overview

10

Static

static

3

deaa0229a4...d6.exe

windows7-x64

10

deaa0229a4...d6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    deaa0229a4ee2496871fce68973909d6

  • Size

    350KB

  • Sample

    240325-w23xkafc54

  • MD5

    deaa0229a4ee2496871fce68973909d6

  • SHA1

    101d7fa5d7b6e2043f0584b489c967a283b699c4

  • SHA256

    cf22cb99f17cad5c79235a74c9ccb984a45cbf95018c919d41b4aa38a552db34

  • SHA512

    5adcdaf88642e3a7eef88310c3a67cda9097fd47c342dc58d47dba72d7391e624161a6aff08b1ae00525a94ff73caa002d7cdbbdb3d30c057780ade7f42453da

  • SSDEEP

    6144:r7syoQyeNcCy5Oh8GJVOMH72LKI+NZrNVfs8V:HsVQByMKG7OMHy+DN2

Score
10/10
redlinesectopratsewpalpadininfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

    • Target

      deaa0229a4ee2496871fce68973909d6

    • Size

      350KB

    • MD5

      deaa0229a4ee2496871fce68973909d6

    • SHA1

      101d7fa5d7b6e2043f0584b489c967a283b699c4

    • SHA256

      cf22cb99f17cad5c79235a74c9ccb984a45cbf95018c919d41b4aa38a552db34

    • SHA512

      5adcdaf88642e3a7eef88310c3a67cda9097fd47c342dc58d47dba72d7391e624161a6aff08b1ae00525a94ff73caa002d7cdbbdb3d30c057780ade7f42453da

    • SSDEEP

      6144:r7syoQyeNcCy5Oh8GJVOMH72LKI+NZrNVfs8V:HsVQByMKG7OMHy+DN2

    Score
    10/10
    redlinesectopratsewpalpadininfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks