General

  • Target: 2a0741d927f9259b6fdc6a7829418b352c65e7b0babc1fe59db69a2a23b5266a
  • Size: 43KB
  • Sample: 240419-v7zawsbf61
  • MD5: 97a688b9e67f6f69d9117df6be85045c
  • SHA1: 785130d10ec2dc70baaa0d8ab0132b916ade8c47
  • SHA256: 2a0741d927f9259b6fdc6a7829418b352c65e7b0babc1fe59db69a2a23b5266a
  • SHA512: b1a1b09d31b9f1e16537f99f8d4da052b4e3656db61216c34346eb04db3e14f5c26e452985693e84029e438d7711a926b6e180a0802b4fbc9f62bc8bb639aa3f
  • SSDEEP: 768:3YqxYXw+G8RRIIyFlzNzIjhFuQjFMTNZHQbQ9ZJSpidarPMsxxXqXNW/gTH9N5wn:3YqxYXw+BRaDFLSuQjFEU8dsxuD9En

Malware Config

Extracted

  • Family: redline
  • Botnet: Photoshop_Set-Up
  • C2: 85.215.237.245:4483

Targets

  • Target: 7d2368254b35b48490381439afef990a06f1627de0acf24d574e708ad8a7a47c.exe
  • Size: 95KB
  • MD5: 79654af854c2c4a27fcac91d377bc558
  • SHA1: 4007ac6af56b1b7db69c9af1e6ea4cc072e7e80d
  • SHA256: 7d2368254b35b48490381439afef990a06f1627de0acf24d574e708ad8a7a47c
  • SHA512: 3c1955bcce28564c2129803c7339b0dac15c222cbc2bd5abe8574a6d92c8ded03d2e01543fd0fd1e745e4c6eca2701452bb21fabeca7dc0c43c3bc33214bf949
  • SSDEEP: 1536:VqsI5qeUlbG6jejoigI843Ywzi0Zb78ivombfexv0ujXyyed2DtmulgS6pA:TIlMY8+zi0ZbYe1g0ujyzdLA
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • SectopRAT: SectopRAT is a remote access trojan first seen in November 2019.
  • SectopRAT payload
