General

  • Target

    aca66e14ad1a72b7a5784d55f6a277f709a016517cc14b388153526af453c753

  • Size

    43KB

  • Sample

    240419-txsjxshh7v

  • MD5

    54d7ff2b380b7e42cfef4edcee3ea444

  • SHA1

    01eb65d7f68d6c49535089bd55dd046fe1ee4e70

  • SHA256

    aca66e14ad1a72b7a5784d55f6a277f709a016517cc14b388153526af453c753

  • SHA512

    75ed5cef10bbcda591f9c5304699f94808a8461c6ea5a32b31795b798009247c77c5ecba40947ee1a5a45feeee954227bf396f002e3820b7ff8c900fd19e30da

  • SSDEEP

    768:R/vmuLhQizFfe269n0s2i7UvqoMCan3AUSI6HNhHexxWGo/LniyQSkqLR07Y:R/uCeizFmF90s23v7KQUitdex96DQ60E

Malware Config

Extracted

  • Family

    redline

  • Botnet

    skullb3astlog

  • C2

    5.180.155.87:64765

Targets

    • Target

      c5a97c768e7ba609346fe283ab8be115e1279edd50e672a89eaa9c1693cf4df6.exe

    • Size

      95KB

    • MD5

      41e1316ad765ff98c73bba526b2cb009

    • SHA1

      37ae8a52f1c67cbc822e87a8b4ac25f713eae8ec

    • SHA256

      c5a97c768e7ba609346fe283ab8be115e1279edd50e672a89eaa9c1693cf4df6

    • SHA512

      4442cd519c9aee91972ff30f607d2aea5ebc182c89023c484ea14ba63349292e31c998def9641e2893cfd9de0c32ebb2a84330e575a9f8184cbcdddeaadc30ef

    • SSDEEP

      1536:Nqs+oqu3lbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed21tmulgS6pIl:7L1FYH+zi0ZbYe1g0ujyzdFI

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks