Overview

overview

10

Static

static

1

qcxtqseqebql.exe

windows7-x64

1

qcxtqseqebql.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    qcxtqseqebql.exe

  • Size

    906KB

  • Sample

    240726-yfptxs1ajj

  • MD5

    5be2d003e408042bb49e562408a56b1a

  • SHA1

    c38b4ce70381d017e19ca7cdae1595723dbca0d3

  • SHA256

    4b39395783ee4f8ab3197c93738788d8f6b375bbe57a2f2337e5ba122bcd4fa8

  • SHA512

    7dc6838bc8c015f430d691be3cc2aa8d2974ffb52c9ec00dbf36eb7633e343ce536606b075f4ac71e25b3e1c189fcf1c4ff3b90f609264d8b642aedfaf80a801

  • SSDEEP

    12288:Whc5AL/ak6i64ikkc4AWpORikNoVqM3hgg9S6hz5AsG6o2Pxv:Wm4R6i6jTAWpNgcxNsoAbXuv

Score
10/10
redlinesectopratcheatinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

154.81.220.233:28105

Targets

    • Target

      qcxtqseqebql.exe

    • Size

      906KB

    • MD5

      5be2d003e408042bb49e562408a56b1a

    • SHA1

      c38b4ce70381d017e19ca7cdae1595723dbca0d3

    • SHA256

      4b39395783ee4f8ab3197c93738788d8f6b375bbe57a2f2337e5ba122bcd4fa8

    • SHA512

      7dc6838bc8c015f430d691be3cc2aa8d2974ffb52c9ec00dbf36eb7633e343ce536606b075f4ac71e25b3e1c189fcf1c4ff3b90f609264d8b642aedfaf80a801

    • SSDEEP

      12288:Whc5AL/ak6i64ikkc4AWpORikNoVqM3hgg9S6hz5AsG6o2Pxv:Wm4R6i6jTAWpNgcxNsoAbXuv

    Score
    10/10
    redlinesectopratcheatinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks