redline

General

Target

8f24fae4e330e0fc92d6c1e665538d43_JaffaCakes118
Size

322KB
Sample

241104-e1jc4awndq
MD5

8f24fae4e330e0fc92d6c1e665538d43
SHA1

f0904364d2195fa4e05cd51354315935bb1b0ac4
SHA256

1a7b59228eb80c77fbbe268f906dd8452d24750c67cc216ae2b4aead840dd504
SHA512

8b1ead96fc7f5651fa607f9d80d00527fac5e1f1fa618d4cff436e9e45c5d8299b8ca7d9004c03497e46e18778c6b67db938dbe43a9ba759a18ced0bd076aa4f
SSDEEP

6144:1hs4cHdHJMaV2MXMKz+PRyJbOb1d9WWCIwHoLA:Xs40OF+KZs8l9C5ILA

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  8f24fae4e330e0fc92d6c1e665538d43_JaffaCakes118
- Size
  
  322KB
- MD5
  
  8f24fae4e330e0fc92d6c1e665538d43
- SHA1
  
  f0904364d2195fa4e05cd51354315935bb1b0ac4
- SHA256
  
  1a7b59228eb80c77fbbe268f906dd8452d24750c67cc216ae2b4aead840dd504
- SHA512
  
  8b1ead96fc7f5651fa607f9d80d00527fac5e1f1fa618d4cff436e9e45c5d8299b8ca7d9004c03497e46e18778c6b67db938dbe43a9ba759a18ced0bd076aa4f
- SSDEEP
  
  6144:1hs4cHdHJMaV2MXMKz+PRyJbOb1d9WWCIwHoLA:Xs40OF+KZs8l9C5ILA
Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2