Overview

overview

10

Static

static

3

eb549f062c...18.exe

windows7-x64

10

eb549f062c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb549f062c973c63fb2ec97805546a0e_JaffaCakes118

  • Size

    277KB

  • Sample

    240410-sb2p2aca87

  • MD5

    eb549f062c973c63fb2ec97805546a0e

  • SHA1

    47828373d96c466ceec9a454e5a9b210816a2f83

  • SHA256

    f9a298e5a33d42c1b8d929ddba5a0db9762d0ed6579ff44e9cf2d683bb019b45

  • SHA512

    bce68ec248c17053bf0390624d7e54194a10c0b342de089d9f7f48315d8ee4ba4d5d741709215e3dca7db39b0a43dcc85482c48886276f66339ebdd5747fb2b0

  • SSDEEP

    6144:GZML1SB2q9JMCQcdJr/nDVq6UZqRLah0xJgLBI:0MpSB2qnMCQcdJr/nkeRW0YL

Score
10/10
redlinesectopratsewpalpadininfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

    • Target

      eb549f062c973c63fb2ec97805546a0e_JaffaCakes118

    • Size

      277KB

    • MD5

      eb549f062c973c63fb2ec97805546a0e

    • SHA1

      47828373d96c466ceec9a454e5a9b210816a2f83

    • SHA256

      f9a298e5a33d42c1b8d929ddba5a0db9762d0ed6579ff44e9cf2d683bb019b45

    • SHA512

      bce68ec248c17053bf0390624d7e54194a10c0b342de089d9f7f48315d8ee4ba4d5d741709215e3dca7db39b0a43dcc85482c48886276f66339ebdd5747fb2b0

    • SSDEEP

      6144:GZML1SB2q9JMCQcdJr/nDVq6UZqRLah0xJgLBI:0MpSB2qnMCQcdJr/nkeRW0YL

    Score
    10/10
    redlinesectopratsewpalpadininfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks