General

  • Target: 42c792f8620646cb828c53cd07c3f594_JaffaCakes118
  • Size: 417KB
  • Sample: 240330-ylpfcadb2w
  • MD5: 42c792f8620646cb828c53cd07c3f594
  • SHA1: 0cbab40cf1dbbc129268233f47b15d05154a8bb1
  • SHA256: b684a67ae1f8ca2db59e24cc902eea35fb575d4044049a388cc9824583328b58
  • SHA512: cbe8d96c2c448805caaf2c6aaadbf707d987839dd1cfeec9071eb94229a306c04629a45733be0bfad7252ad9ab9af2bb903fa58ec34416e443bef542c6367c4f
  • SSDEEP: 12288:aoen5ZNyqyxiQPTMPbJ2A07RnHQ4dHO2ory5cSlo:ab5Uxic6bJ2Aun82ory

Malware Config

Extracted

  • Family: redline
  • Botnet: UTS
  • C2: 45.9.20.182:52236
  • Attributes
    • auth_value: a272f3a2850ec3dccdaed97234b7c40e

Targets


    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
    • SectopRAT payload
