redline | 4023763ad7b1f3cae1395dcfbfb15317c006526c355914ecf7d8506696e3b1ce | Triage

Submit
Reports

Overview

overview

Static

static

3

0ba8d3824b...18.exe

windows7-x64

0ba8d3824b...18.exe

windows10-2004-x64

Sharing

General

Target

0ba8d3824b3712fcdab59f6329f45ff3_JaffaCakes118
Size

276KB
Sample

241002-vekxssxblm
MD5

0ba8d3824b3712fcdab59f6329f45ff3
SHA1

0f1a26c5c609a45a52cfb56cfd4428c10f25eb83
SHA256

4023763ad7b1f3cae1395dcfbfb15317c006526c355914ecf7d8506696e3b1ce
SHA512

efc5f5cfffc00a279e74eddaed17022271f45a78decfc8a6a90bcdcc3dc81efe103e3ad687fc1077a38172f48bf4b9ee38083d1495900647500ecc7b2aeeff05
SSDEEP

3072:7bL59aCyQdngr5WuYsOyM2vnUEl2hRhWXJ9BmA8heyhQZCVbKkudRj8a4RO6SWgo:7bL5yWu42vSR8ZHmA8Vb2pOROz0Ci

Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0ba8d3824b3712fcdab59f6329f45ff3_JaffaCakes118.exe

Resource

win7-20240903-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0ba8d3824b3712fcdab59f6329f45ff3_JaffaCakes118.exe

Resource

win10v2004-20240802-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  0ba8d3824b3712fcdab59f6329f45ff3_JaffaCakes118
- Size
  
  276KB
- MD5
  
  0ba8d3824b3712fcdab59f6329f45ff3
- SHA1
  
  0f1a26c5c609a45a52cfb56cfd4428c10f25eb83
- SHA256
  
  4023763ad7b1f3cae1395dcfbfb15317c006526c355914ecf7d8506696e3b1ce
- SHA512
  
  efc5f5cfffc00a279e74eddaed17022271f45a78decfc8a6a90bcdcc3dc81efe103e3ad687fc1077a38172f48bf4b9ee38083d1495900647500ecc7b2aeeff05
- SSDEEP
  
  3072:7bL59aCyQdngr5WuYsOyM2vnUEl2hRhWXJ9BmA8heyhQZCVbKkudRj8a4RO6SWgo:7bL5yWu42vSR8ZHmA8Vb2pOROz0Ci
Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

behavioral2

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

© 2018-2025

Terms | Privacy