redline | 4675455dc430ad5f3a4cfb34d6cb49e9a421682fefe6eee63b55ca29c720394f | Triage

Submit
Reports

Overview

overview

Static

static

a56ab2abe6...68.exe

windows7-x64

a56ab2abe6...68.exe

windows10-2004-x64

Sharing

General

Target

4675455dc430ad5f3a4cfb34d6cb49e9a421682fefe6eee63b55ca29c720394f
Size

42KB
Sample

240419-txvpaaha78
MD5

9b15a5dcef6d2b9122a4b79e5034c7bb
SHA1

c0646923123ed13ee52bc1dfc2789d7e3bbcb06f
SHA256

4675455dc430ad5f3a4cfb34d6cb49e9a421682fefe6eee63b55ca29c720394f
SHA512

b9c3064d273be9784506e30b76e56abecf5284b8a073183ad9f9bd6cdf7983fa513ef76c8b0ef218356c3e31a653ba3083cdcf351ded702960057d6bdafe47e2
SSDEEP

768:cFzPQhSnDK4QhZfD00eCWoCmGnsapUq9OlVjNIAEl0t6HcqKpVQec3lWYdZ:cBQvT/e1oCTndKq8ltJjtucqGCec1lZ

Score

10^/10

redline sectoprat cheat infostealer rat trojan

Static task

static1

cheat redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

a56ab2abe69823efba8192aad89c0521b3869f091752ce63e7ec399f679b1768.exe

Resource

win7-20240220-en

redline sectoprat cheat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a56ab2abe69823efba8192aad89c0521b3869f091752ce63e7ec399f679b1768.exe

Resource

win10v2004-20240412-en

redline sectoprat cheat infostealer rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

31.210.43.215:51414

Targets

- Target
  
  a56ab2abe69823efba8192aad89c0521b3869f091752ce63e7ec399f679b1768.exe
- Size
  
  95KB
- MD5
  
  bdd591abdd4acc492a22e106c01afc00
- SHA1
  
  cbb251313cafe324debde7bd9255afb0c668d128
- SHA256
  
  a56ab2abe69823efba8192aad89c0521b3869f091752ce63e7ec399f679b1768
- SHA512
  
  6174827d726abf8d59de7009e642b089cdfc6b450190665374663cb4253ba0a276e0c187eeec59b4bb0fd677c5121d701dcecdf5fdd8ae6f308370f9705e4e31
- SSDEEP
  
  1536:nqsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2v3teulgS6pQZQU1:VAMOY3+zi0ZbYe1g0ujyzdzQZQU1
Score

10^/10

redline sectoprat cheat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatinfostealerrattrojan

behavioral2

redlinesectopratcheatinfostealerrattrojan

© 2018-2024

Terms | Privacy