redline | afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7 | Triage

Submit
Reports

Overview

overview

Static

static

3

afd668ad58...d7.exe

windows7-x64

afd668ad58...d7.exe

windows10-2004-x64

Sharing

General

Target

afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7
Size

350KB
Sample

241012-ykw4sssfrl
MD5

76bc599f80bd0de1dfaa996828576ae1
SHA1

276da80f9858bba309a2a870ae4340edb2ee178c
SHA256

afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7
SHA512

4d5885302c912f29994f14b54c41fcce477fde8bca79a04c7c89c66b325c2ed7aed7a95e179fd9b05657b36df7b20de0fe1ed1804f9682f209c2cea425985421
SSDEEP

6144:q3iD1FLscJQX7eOWTKATPFboJcPhsLK+ZrNVfs8V:qSDxQK8ATPVPuN2

Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7.exe

Resource

win7-20240903-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7.exe

Resource

win10v2004-20241007-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7
- Size
  
  350KB
- MD5
  
  76bc599f80bd0de1dfaa996828576ae1
- SHA1
  
  276da80f9858bba309a2a870ae4340edb2ee178c
- SHA256
  
  afd668ad5845bf7d3ccda07a7dfd623ce5cfff094989edb14e32252d203b00d7
- SHA512
  
  4d5885302c912f29994f14b54c41fcce477fde8bca79a04c7c89c66b325c2ed7aed7a95e179fd9b05657b36df7b20de0fe1ed1804f9682f209c2cea425985421
- SSDEEP
  
  6144:q3iD1FLscJQX7eOWTKATPFboJcPhsLK+ZrNVfs8V:qSDxQK8ATPVPuN2
Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

behavioral2

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

© 2018-2024

Terms | Privacy