General

  • Target: 436899447ddc687ee9efdfef8bbbcfd2_JaffaCakes118
  • Size: 366KB
  • Sample: 240330-y6dvcaee27
  • MD5: 436899447ddc687ee9efdfef8bbbcfd2
  • SHA1: f9d667e02f08e70bf696a1d8602b6f0c3fb2bf6a
  • SHA256: d307b412a86ed94011afd996fd2f48a003d69a9ae0363417562029337613dd70
  • SHA512: 86f3b300bb379603042eb5c97b4ccc77127c504dc299e68bf2b5a62e1b0f6b333eb33a8db4536d0469371603db04b90cb3c2b8192de2629494c0aa9834927eb4
  • SSDEEP: 6144:5YLR+KpZ0+3mmknEoGaCNNRa6O/KDCW/gc8TNQ5:OV+KP3mNG/Nva6O/Kd/gc8hQ

Malware Config

Extracted

  • Family: redline
  • Botnet: shop
  • C2: 45.9.20.107:46187
  • Attributes
    • auth_value: 60c75f1e2d31f6bac6dd7edad67d8615

Targets

    • Target: 436899447ddc687ee9efdfef8bbbcfd2_JaffaCakes118

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks