redline | e9700423fe3c878873c5566e3eb5c0f8bdbd8adddc9e18c57fc94aad6537e84c | Triage

Submit
Reports

Overview

overview

Static

static

bbb41484a2...45.exe

windows7-x64

bbb41484a2...45.exe

windows10-2004-x64

Sharing

General

Target

e9700423fe3c878873c5566e3eb5c0f8bdbd8adddc9e18c57fc94aad6537e84c
Size

50KB
Sample

240417-r9kczada49
MD5

0abe989c7c63310ee59e439d8ebf055d
SHA1

a7c70c5de52bbe700790445d568e1ca1994a7122
SHA256

e9700423fe3c878873c5566e3eb5c0f8bdbd8adddc9e18c57fc94aad6537e84c
SHA512

851677cd6829af6df0e3c8c4be8abad6ff047eb94417be8347cb2e199e4ff19204f4d71d9fddfaae5507ef9217a410ac7e084af7a88908db17c408c2eb00a96e
SSDEEP

1536:RAiEKskXhb5FGLY5FjSfoTM/tTS0ROvF/S5Yv:RwKskXBakjSg8tgFd

Score

10^/10

redline sectoprat cheat infostealer rat trojan

Static task

static1

cheat redline sectoprat

4 signatures

Behavioral task

behavioral1

Sample

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45.exe

Resource

win7-20240215-en

redline sectoprat cheat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45.exe

Resource

win10v2004-20240412-en

redline sectoprat cheat infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

31.210.43.215:51414

Targets

- Target
  
  bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45.exe
- Size
  
  105KB
- MD5
  
  7e15ed0fbe9ef1c7b748c9734794f68d
- SHA1
  
  d6e02d5fdba53769ff4aae1a74a843e34ef85133
- SHA256
  
  bbb41484a215f4bdf278d2fee0ce2581c78468b7163f57bc4846e620275deb45
- SHA512
  
  e505d1e90634a72b0926070af49bd9f96e0dd040f79bc4e683c27d4cef65c8a7572dd4e086708990e6fd7be257b24ee1cc2bcb4be648b7a0783d4e3ebd93554e
- SSDEEP
  
  1536:SqsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2v3teulgS6pEGIrx:wAMOY3+zi0ZbYe1g0ujyzdzEGIF
Score

10^/10

redline sectoprat cheat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatinfostealerrattrojan

behavioral2

redlinesectopratcheatinfostealerrattrojan

© 2018-2024

Terms | Privacy