Overview

overview

10

Static

static

3

757f0a9413...18.exe

windows7-x64

10

757f0a9413...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    757f0a9413bdf1e4b1c9b9abc66eb629_JaffaCakes118

  • Size

    423KB

  • Sample

    241025-ax75tszbkr

  • MD5

    757f0a9413bdf1e4b1c9b9abc66eb629

  • SHA1

    248f4810bb3d4350b2bb09eced1c557e9fcc8740

  • SHA256

    bf96ed8aa602b7611ef90657e75b9612d2a49e57acdfaf4c3f8b40ef562651cc

  • SHA512

    187b009618d29c7414e74e84a4fc99ee206004f5d519fa462d159b6c2843a6237ea3ee8168647cddea30a4ce77293cf40d84c9b965c8ebaeec718a101a191e04

  • SSDEEP

    6144:Q7aSvtHjxBLSfDQLUj1iA+rfdSjGpsoZ2bcgy4rvEGs7437sFjrJKPiEOr11Hk7K:OvtD/PLUjcwjGmo6HvjsEAFjcRYNk8C

Score
10/10
redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

    • Target

      757f0a9413bdf1e4b1c9b9abc66eb629_JaffaCakes118

    • Size

      423KB

    • MD5

      757f0a9413bdf1e4b1c9b9abc66eb629

    • SHA1

      248f4810bb3d4350b2bb09eced1c557e9fcc8740

    • SHA256

      bf96ed8aa602b7611ef90657e75b9612d2a49e57acdfaf4c3f8b40ef562651cc

    • SHA512

      187b009618d29c7414e74e84a4fc99ee206004f5d519fa462d159b6c2843a6237ea3ee8168647cddea30a4ce77293cf40d84c9b965c8ebaeec718a101a191e04

    • SSDEEP

      6144:Q7aSvtHjxBLSfDQLUj1iA+rfdSjGpsoZ2bcgy4rvEGs7437sFjrJKPiEOr11Hk7K:OvtD/PLUjcwjGmo6HvjsEAFjcRYNk8C

    Score
    10/10
    redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks