Overview

overview

10

Static

static

3

683be2e299...18.exe

windows7-x64

10

683be2e299...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    683be2e2998fb1c391fc58598c3edf50_JaffaCakes118

  • Size

    364KB

  • Sample

    240401-fg7r1sdh8w

  • MD5

    683be2e2998fb1c391fc58598c3edf50

  • SHA1

    a47d48e1a52a75db24115442d0a46dbc183feed7

  • SHA256

    650da202822f37cf97b5b4f027944fe695a60b6ee8fa7a00eb8fe283d9fc7803

  • SHA512

    9f9fc990697fcc1db586494bcf96d2ba437fe3bf61d313214232b62421031166fe4f0724fc56f289654209e1b622f355897c0894a994f60cfa8d8d7524e07a12

  • SSDEEP

    6144:4/MOJYyJ0FFuvC3EJH82nd34yD3XPaeG0mpeA1qX7tNfVXVHQLIiu8cfo0/pW:KMOayJ0uvo+c84x90C1wZGEX8cA0/M

Score
10/10
redlinesectopratshopinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

shop

C2

45.9.20.107:46187

Attributes
  • auth_value

    60c75f1e2d31f6bac6dd7edad67d8615

Targets

    • Target

      683be2e2998fb1c391fc58598c3edf50_JaffaCakes118

    • Size

      364KB

    • MD5

      683be2e2998fb1c391fc58598c3edf50

    • SHA1

      a47d48e1a52a75db24115442d0a46dbc183feed7

    • SHA256

      650da202822f37cf97b5b4f027944fe695a60b6ee8fa7a00eb8fe283d9fc7803

    • SHA512

      9f9fc990697fcc1db586494bcf96d2ba437fe3bf61d313214232b62421031166fe4f0724fc56f289654209e1b622f355897c0894a994f60cfa8d8d7524e07a12

    • SSDEEP

      6144:4/MOJYyJ0FFuvC3EJH82nd34yD3XPaeG0mpeA1qX7tNfVXVHQLIiu8cfo0/pW:KMOayJ0uvo+c84x90C1wZGEX8cA0/M

    Score
    10/10
    redlinesectopratshopinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks