Overview

overview

10

Static

static

3

765fac3632...18.exe

windows7-x64

10

765fac3632...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    765fac3632651ffa759112181cff4069_JaffaCakes118

  • Size

    1021KB

  • Sample

    241027-2wzwlsskcy

  • MD5

    765fac3632651ffa759112181cff4069

  • SHA1

    f942322b958ceef93beceeed3047a112290af215

  • SHA256

    a7197ddb532acf2a80183545cce111c23feba2cd75356361fe50b5d9a467a0b5

  • SHA512

    896d37822f4a351da2f341e42fb3b71391bb3b424f7f5f2b49e43aa6e760579e8b617dcdbba9d038d11c2cda6df3a48aec22129c5c60176684f3ae6ce4f55455

  • SSDEEP

    24576:/fbQzCpNInDMNjbKHwRwIm8iJXnSNJYg3M:3b/InghbKjYiJXScg3

Score
10/10
redlinesectopratvenita_test_2k_05.08.21discoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

Venita_test_2k_05.08.21

C2

yspasenana.xyz:80

Targets

    • Target

      765fac3632651ffa759112181cff4069_JaffaCakes118

    • Size

      1021KB

    • MD5

      765fac3632651ffa759112181cff4069

    • SHA1

      f942322b958ceef93beceeed3047a112290af215

    • SHA256

      a7197ddb532acf2a80183545cce111c23feba2cd75356361fe50b5d9a467a0b5

    • SHA512

      896d37822f4a351da2f341e42fb3b71391bb3b424f7f5f2b49e43aa6e760579e8b617dcdbba9d038d11c2cda6df3a48aec22129c5c60176684f3ae6ce4f55455

    • SSDEEP

      24576:/fbQzCpNInDMNjbKHwRwIm8iJXnSNJYg3M:3b/InghbKjYiJXScg3

    Score
    10/10
    redlinesectopratvenita_test_2k_05.08.21discoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks