redline | 943619e1888ff48ae6fe10087f3b0e2d1185ec2b53afe5f3ad226e7c92196ac7 | Triage

Submit
Reports

Overview

overview

Static

static

1

e6877e35b4...18.exe

windows7-x64

e6877e35b4...18.exe

windows10-2004-x64

Sharing

General

Target

e6877e35b45e3e4f075f48155b03aed4_JaffaCakes118
Size

290KB
Sample

240408-dy81asfd96
MD5

e6877e35b45e3e4f075f48155b03aed4
SHA1

82877902433b7198413d652ff912fdbe69f6d4eb
SHA256

943619e1888ff48ae6fe10087f3b0e2d1185ec2b53afe5f3ad226e7c92196ac7
SHA512

b484752f85ef3ad9dfea7e1d70bcf5909b22d0da6baa18b469e26e202b8af557936a4890871d8a04bfc8ab6e1ce7ca4a483c67b740b55191c081c9cccac8f560
SSDEEP

6144:I+DB4eiOYNDLtahVTLYSp57u7KWch7Vx98aCqQZcryEXsu:fB4eiL3ghVYSC7KWkH8K5su

Score

10^/10

redline sectoprat 4 infostealer rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

e6877e35b45e3e4f075f48155b03aed4_JaffaCakes118.exe

Resource

win7-20240215-en

redline sectoprat 4 infostealer rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e6877e35b45e3e4f075f48155b03aed4_JaffaCakes118.exe

Resource

win10v2004-20240226-en

redline sectoprat 4 infostealer rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

4

C2

80.87.192.249:16640

Attributes

auth_value
3e4c638c72124e45bcf5164456741cce

Targets

- Target
  
  e6877e35b45e3e4f075f48155b03aed4_JaffaCakes118
- Size
  
  290KB
- MD5
  
  e6877e35b45e3e4f075f48155b03aed4
- SHA1
  
  82877902433b7198413d652ff912fdbe69f6d4eb
- SHA256
  
  943619e1888ff48ae6fe10087f3b0e2d1185ec2b53afe5f3ad226e7c92196ac7
- SHA512
  
  b484752f85ef3ad9dfea7e1d70bcf5909b22d0da6baa18b469e26e202b8af557936a4890871d8a04bfc8ab6e1ce7ca4a483c67b740b55191c081c9cccac8f560
- SSDEEP
  
  6144:I+DB4eiOYNDLtahVTLYSp57u7KWch7Vx98aCqQZcryEXsu:fB4eiL3ghVYSC7KWkH8K5su
Score

10^/10

redline sectoprat 4 infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectoprat4infostealerrattrojan

behavioral2

redlinesectoprat4infostealerrattrojan

© 2018-2024

Terms | Privacy