redline | bae78ca8b47c5eb30b7db127e0c8ec889536719d55e4deab8ddff49799069ab7 | Triage

Submit
Reports

Overview

overview

Static

static

cc Gen+Che...i0.exe

windows7-x64

cc Gen+Che...i0.exe

windows10-2004-x64

Sharing

General

Target

cc Gen+CheckerbyDaySkii0.rar
Size

3.2MB
Sample

240810-n5tt3aybln
MD5

0d346302af554594a4e3e99f27d63cac
SHA1

cb95fa1fa774c2789efea961acf256c4a44fd106
SHA256

bae78ca8b47c5eb30b7db127e0c8ec889536719d55e4deab8ddff49799069ab7
SHA512

11fbf7a114bba618471ab88b6aca947a5740408ade883ad787e7943ea0f887702913c88b4458def7f14d728e785e14c5ff10933df307fd91758fc1d99f9c7232
SSDEEP

49152:3uMMWJtR+6RHBcz/IAU0fEQ/zBQqJhewKU6xGMTeI/zI/vcAR4YsTg9NIGf0ks:+M9bpRxZgECDjeoMTeeuvcK4YEg92GMb

Score

10^/10

redline sectoprat cheat discovery infostealer rat trojan

Static task

static1

cheat redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

cc Gen+CheckerbyDaySkii0/cc Gen+CheckerbyDaySkii0.exe

Resource

win7-20240705-en

redline sectoprat cheat discovery infostealer rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cc Gen+CheckerbyDaySkii0/cc Gen+CheckerbyDaySkii0.exe

Resource

win10v2004-20240802-en

redline sectoprat cheat discovery infostealer rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

86.13.96.164:2066

Targets

- Target
  
  cc Gen+CheckerbyDaySkii0/cc Gen+CheckerbyDaySkii0.exe
- Size
  
  95KB
- MD5
  
  5e2c99e908df917aa9d6839f22f37bef
- SHA1
  
  579c486c92fb16cf0393a754001b2ffb5dcfa69a
- SHA256
  
  52c0c2252f4134952b5c9a34e3502fd9eb7566a0ee925a630bc1d82fee787325
- SHA512
  
  ed34510d55ff625cad85639f85cc8656d3d9abe7d45472c00d6326b7885d12562848bc43a63be490ab1c56966c015fe67f977221b3f13afa808b282a3b7c9be3
- SSDEEP
  
  1536:xqskjlqzWlbG6jejoigIr43Ywzi0Zb78ivombfexv0ujXyyed2E3teulgS6pk:fYUeYr+zi0ZbYe1g0ujyzdKk
Score

10^/10

redline sectoprat cheat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

cheatredlinesectoprat

behavioral1

redlinesectopratcheatdiscoveryinfostealerrattrojan

behavioral2

redlinesectopratcheatdiscoveryinfostealerrattrojan

© 2018-2024

Terms | Privacy