redline | 9b32c009b988670f78883b30f9a0bae23395192201f371f051e22951038ce266 | Triage

Submit
Reports

Overview

overview

Static

static

3

HWID Spoofer.exe

windows10-2004-x64

Sharing

General

Target

HWID Spoofer.exe
Size

416KB
Sample

240726-z6lqmaydqa
MD5

5de4c72bce14113d19cbfa33964b27b9
SHA1

f645ef666f062175e57c94a9b48e9a3fdef1c99d
SHA256

9b32c009b988670f78883b30f9a0bae23395192201f371f051e22951038ce266
SHA512

ce586245a154e7dad32fecbf5e2497e99361c80233bfdb2b39bd16c1abccc1eac0350d60a02a330503fab75b89948f913fdc6d85da0602e6affed4c5c544f261
SSDEEP

12288:aJcsKRRnIYVD0FiKvgjjsbyqgc8o/OvpOYl31LU:aJcX/V4CjsbyqF/OvgYFa

Score

10^/10

redline sectoprat @bigkoss discovery infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

HWID Spoofer.exe

Resource

win10v2004-20240709-en

redline sectoprat @bigkoss discovery infostealer rat trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@bigkoss

C2

51.254.69.209:48987

Targets

- Target
  
  HWID Spoofer.exe
- Size
  
  416KB
- MD5
  
  5de4c72bce14113d19cbfa33964b27b9
- SHA1
  
  f645ef666f062175e57c94a9b48e9a3fdef1c99d
- SHA256
  
  9b32c009b988670f78883b30f9a0bae23395192201f371f051e22951038ce266
- SHA512
  
  ce586245a154e7dad32fecbf5e2497e99361c80233bfdb2b39bd16c1abccc1eac0350d60a02a330503fab75b89948f913fdc6d85da0602e6affed4c5c544f261
- SSDEEP
  
  12288:aJcsKRRnIYVD0FiKvgjjsbyqgc8o/OvpOYl31LU:aJcX/V4CjsbyqF/OvgYFa
Score

10^/10

redline sectoprat @bigkoss discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesectoprat@bigkossdiscoveryinfostealerrattrojan

© 2018-2024

Terms | Privacy