redline | cf852e50e51c5ad571739b3a85b23cc115e6c42f21d76f296258c55ff2021d33 | Triage

Submit
Reports

Overview

overview

Static

static

014b8a8f38...64.exe

windows7-x64

014b8a8f38...64.exe

windows10-2004-x64

Sharing

General

Target

cf852e50e51c5ad571739b3a85b23cc115e6c42f21d76f296258c55ff2021d33
Size

43KB
Sample

240419-w5xvqach5z
MD5

a34673eedf08be6834f09886c245015d
SHA1

f0cb733b99b11b5efdbe85c632a25baea9e81e33
SHA256

cf852e50e51c5ad571739b3a85b23cc115e6c42f21d76f296258c55ff2021d33
SHA512

3cd9d6f7e6e6643abc01358c4e75cb5ea7131fe3d0e638d28cc2119d32ffaa318efb679f2299eb0adb39d112640ea08ca38cb2e3e98ef3981b84ba9b8680ff6b
SSDEEP

768:uqUzOteZoel7g75F1bQrZfWC8p3m98+lhKZsP98V7gL:uzzOy7g7zGr8VK8+lhKZsv

Score

10^/10

redline sectoprat cheat infostealer rat trojan

Static task

static1

cheat redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

014b8a8f383e2e1535d3d382851529d77e149a71f312db1518bb40a14def7f64.exe

Resource

win7-20240221-en

redline sectoprat cheat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

014b8a8f383e2e1535d3d382851529d77e149a71f312db1518bb40a14def7f64.exe

Resource

win10v2004-20240226-en

redline sectoprat cheat infostealer rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

127.0.0.1:1639

Targets

- Target
  
  014b8a8f383e2e1535d3d382851529d77e149a71f312db1518bb40a14def7f64
- Size
  
  95KB
- MD5
  
  27051f78dc07b7d7311d99e8c251d043
- SHA1
  
  bae7840693fbc36cfb9ece8aa65fee589c4e2ae9
- SHA256
  
  014b8a8f383e2e1535d3d382851529d77e149a71f312db1518bb40a14def7f64
- SHA512
  
  fd7afbb9f940f65b7e212e6641d3c4336aa3bc0e9f145d19972eef4d8c95fba4d0a8804510751ba982bd1ffa228d0094c69b3b3efb0d12c6aba370afc48af7e3
- SSDEEP
  
  1536:1qsGfq+TmlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2Y3tmulgS6pg:z0taY/+zi0ZbYe1g0ujyzd6g
Score

10^/10

redline sectoprat cheat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatinfostealerrattrojan

behavioral2

redlinesectopratcheatinfostealerrattrojan

© 2018-2024

Terms | Privacy