redline | 5d00bc14c07ba88a43f5dde8c1622f277c93e3a5b986491a9d896cce74934647 | Triage

Submit
Reports

Overview

overview

Static

static

3

66e732365f...18.exe

windows7-x64

66e732365f...18.exe

windows10-2004-x64

Sharing

General

Target

66e732365f42c690cda32efa41469333_JaffaCakes118
Size

314KB
Sample

240723-kswaksxdra
MD5

66e732365f42c690cda32efa41469333
SHA1

27637576ad32f00d95908c322aca081393a9d8e7
SHA256

5d00bc14c07ba88a43f5dde8c1622f277c93e3a5b986491a9d896cce74934647
SHA512

49c817f163006189a27fa0e3324783e432b6054049774b9c2ecbcdd28e6c5567a551cdbb18a463061c9d4c13944507d02a86c37a2c9e5cc291a73faa6e67f624
SSDEEP

6144:QNmuwy0ltmME/QsrnzttYYEOODB1jnRG4MCiZCTcvK4Z00c:QEhXltmysrnzttHo1FG4iCTc3Ze

Score

10^/10

redline sectoprat sewpalpadin infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

66e732365f42c690cda32efa41469333_JaffaCakes118.exe

Resource

win7-20240704-en

redline sectoprat sewpalpadin infostealer rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

66e732365f42c690cda32efa41469333_JaffaCakes118.exe

Resource

win10v2004-20240709-en

redline sectoprat sewpalpadin infostealer rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.29:18087

Targets

- Target
  
  66e732365f42c690cda32efa41469333_JaffaCakes118
- Size
  
  314KB
- MD5
  
  66e732365f42c690cda32efa41469333
- SHA1
  
  27637576ad32f00d95908c322aca081393a9d8e7
- SHA256
  
  5d00bc14c07ba88a43f5dde8c1622f277c93e3a5b986491a9d896cce74934647
- SHA512
  
  49c817f163006189a27fa0e3324783e432b6054049774b9c2ecbcdd28e6c5567a551cdbb18a463061c9d4c13944507d02a86c37a2c9e5cc291a73faa6e67f624
- SSDEEP
  
  6144:QNmuwy0ltmME/QsrnzttYYEOODB1jnRG4MCiZCTcvK4Z00c:QEhXltmysrnzttHo1FG4iCTc3Ze
Score

10^/10

redline sectoprat sewpalpadin infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratsewpalpadininfostealerrattrojan

behavioral2

redlinesectopratsewpalpadininfostealerrattrojan

© 2018-2024

Terms | Privacy