redline | dcc27a2bc3c1136f4d1e30fa98798dc28b52232393482ff51c2080adbc7e582c | Triage

Submit
Reports

Overview

overview

Static

static

410bbaa054...72.exe

windows7-x64

410bbaa054...72.exe

windows10-2004-x64

Sharing

General

Target

dcc27a2bc3c1136f4d1e30fa98798dc28b52232393482ff51c2080adbc7e582c
Size

43KB
Sample

240419-t9xdmsad8t
MD5

be962c75bf8c28c203499bf49995784d
SHA1

31b7a218548b0a741faf2bec604c203c439d3566
SHA256

dcc27a2bc3c1136f4d1e30fa98798dc28b52232393482ff51c2080adbc7e582c
SHA512

4bb8f028adecaf7a8d6b19304a067c6dda8d07436b53d0cdbf7510c875995349935da4c24d98158d64185d3c0d32bd5f09d9e38f43b2a591ef31e3a1992bc920
SSDEEP

768:yFFMUF+mFCdSEhHepoZDutcSJU1zUb64P6mOmyFW4ci3JuZauDkEK6kMzpA9Nj1:yX/Fy4EoHzJUQbDEM496kKAh

Score

10^/10

redline sectoprat checker infostealer rat trojan

Static task

static1

checker redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

410bbaa054722728177d773503246f5c289ba40cdbab793b42ce638e330b2472.exe

Resource

win7-20240221-en

redline sectoprat checker infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

410bbaa054722728177d773503246f5c289ba40cdbab793b42ce638e330b2472.exe

Resource

win10v2004-20240412-en

redline sectoprat checker infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

CHECKER

C2

41.216.183.150:32356

Targets

- Target
  
  410bbaa054722728177d773503246f5c289ba40cdbab793b42ce638e330b2472.exe
- Size
  
  96KB
- MD5
  
  3618d640f96e5d7858cd7fbd2d065dbe
- SHA1
  
  7c0565f3f3e7cde72309e0b9032017f443d08b25
- SHA256
  
  410bbaa054722728177d773503246f5c289ba40cdbab793b42ce638e330b2472
- SHA512
  
  8b8234271d4f910378f9965d689d394938a45eb460e37031e0638c9f6635e307e714841fb04807003b769f5caf444344462d5174d980cd87e43849e8e1bebd10
- SSDEEP
  
  1536:2qsectqDL0lbG6jejoigIq43Ywzi0Zb78ivombfexv0ujXyyed2vtQulgS6pP:kHMsYq+zi0ZbYe1g0ujyzdZP
Score

10^/10

redline sectoprat checker infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

checkerredlinesectoprat

behavioral1

redlinesectopratcheckerinfostealerrattrojan

behavioral2

redlinesectopratcheckerinfostealerrattrojan

© 2018-2024

Terms | Privacy