Overview

overview

10

Static

static

10

build.exe

windows10-1703-x64

10

build.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build.exe

  • Size

    95KB

  • Sample

    240601-s5pbssgd98

  • MD5

    225534dbeab7b6816fdc971979f1e130

  • SHA1

    c53b100df2eccc7364916ef5a41e4a008813a3f7

  • SHA256

    5edd189e314b87dcfbfdcb728fbd62e5770b5bbe67527a08debb08f77233f760

  • SHA512

    3541d78f1cb177f1470b4b6337649b00a0bfbd2f2f37ba8639ffc0b25d0491744318d17b5c5f4db53a2ac3688cb0315bd022516069285bb3e8fb9d0dcb8e366d

  • SSDEEP

    1536:RqsqFqJklbG6jejoigIg43Ywzi0Zb78ivombfexv0ujXyyed2r3tmulgS6pE:/6ScYg+zi0ZbYe1g0ujyzdbE

Score
10/10
redlinesectopratcheatinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

each-qualified.gl.at.ply.gg:1337

Targets

    • Target

      build.exe

    • Size

      95KB

    • MD5

      225534dbeab7b6816fdc971979f1e130

    • SHA1

      c53b100df2eccc7364916ef5a41e4a008813a3f7

    • SHA256

      5edd189e314b87dcfbfdcb728fbd62e5770b5bbe67527a08debb08f77233f760

    • SHA512

      3541d78f1cb177f1470b4b6337649b00a0bfbd2f2f37ba8639ffc0b25d0491744318d17b5c5f4db53a2ac3688cb0315bd022516069285bb3e8fb9d0dcb8e366d

    • SSDEEP

      1536:RqsqFqJklbG6jejoigIg43Ywzi0Zb78ivombfexv0ujXyyed2r3tmulgS6pE:/6ScYg+zi0ZbYe1g0ujyzdbE

    Score
    10/10
    redlinesectopratcheatinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks