General

  • Target

    06ad3b30712f20d50b9450f38f1f2f20_JaffaCakes118

  • Size

    406KB

  • Sample

    240328-qpbpnafb5z

  • MD5

    06ad3b30712f20d50b9450f38f1f2f20

  • SHA1

    806120bb2898b63dbeee3206300a897cb21c1f9a

  • SHA256

    2bcaa0d9b08822020055982a367b2fdf59c94a6e0947b396b75d8b0421c12df1

  • SHA512

    18d97e1834add620e9af26135ae1c40bc02e7a36c876a5a2cd8b89a4fc9d2911b9cbfe4bc8b372d1b652d7cee013a187175c8b662026ba930e30dca12b648095

  • SSDEEP

    6144:OM4RPbNqIb1x4SHBtX+OeoezN0GPhIpKjUKUSs5jxA/URY3DDqsu:ORbNqu4Slo0GPOcjUKUSGxA/U0qsu

Malware Config

Extracted

  • Family

    redline

  • Botnet

    4

  • C2

    80.87.192.249:16640

  • Attributes

    auth_value: 3e4c638c72124e45bcf5164456741cce

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks