General

  • Target

    1c73ff249a58e37700276acdb7a4a96f_JaffaCakes118

  • Size

    385KB

  • Sample

    240329-jg55zadc37

  • MD5

    1c73ff249a58e37700276acdb7a4a96f

  • SHA1

    f350a97292c018a365ab9fad7cf157bd713db66c

  • SHA256

    ad8daadd898e47da8966ca32d90cd6bbd910a53d89b981aa434e08448b0d9645

  • SHA512

    665b37e780263808e2da017ec378355127153eda41371a55a419f1d7fdb871a1b01c20ad009e99c7dc59ecc588951ef5fab28e40fb4691705022261cfcf1889e

  • SSDEEP

    12288:Z+Fadoc3d1t8Ef4wBHKUVCCzOERRq2MGPXW:MFSF58UHKf4OE2t

Malware Config

Extracted

  • Family

    redline

  • Botnet

    build

  • C2

    77.232.40.127:8204

  • Attributes

    • auth_value

      275ce2c87153d4e8e3cc276c686a93de

Targets

    • Target

      1c73ff249a58e37700276acdb7a4a96f_JaffaCakes118

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks