Overview

overview

10

Static

static

3

370aced8d0...e9.exe

windows7-x64

10

370aced8d0...e9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    370aced8d0a259ddbf14222af8babb154ca23764bcc06b59b5f7c84e5bb8fbe9

  • Size

    371KB

  • Sample

    241105-2db2ts1apr

  • MD5

    c6d09638f315c1496b5ed598c030c4c6

  • SHA1

    bc1a2065bd1015e7506e8a0732e59b3e59039cbf

  • SHA256

    370aced8d0a259ddbf14222af8babb154ca23764bcc06b59b5f7c84e5bb8fbe9

  • SHA512

    6d00193efa7601273249ec9bc00402ba61922c0aff0b37f6c79f815c6c75b3d05587fb4f09532b323f7513404fd4385d6a5ff9f8a4c75d4ac16ee502c8b8b3a2

  • SSDEEP

    6144:M4So0bCiHxl/Gv4bYvN/N2CaYuPqhBadIHYVxQGcGLAD62LGszpD/:jExx4XvyCaYQqhodI4j63pD

Score
10/10
redlinesectopratmessi22discoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

MESSI22

C2

74.119.195.242:18417

Targets

    • Target

      370aced8d0a259ddbf14222af8babb154ca23764bcc06b59b5f7c84e5bb8fbe9

    • Size

      371KB

    • MD5

      c6d09638f315c1496b5ed598c030c4c6

    • SHA1

      bc1a2065bd1015e7506e8a0732e59b3e59039cbf

    • SHA256

      370aced8d0a259ddbf14222af8babb154ca23764bcc06b59b5f7c84e5bb8fbe9

    • SHA512

      6d00193efa7601273249ec9bc00402ba61922c0aff0b37f6c79f815c6c75b3d05587fb4f09532b323f7513404fd4385d6a5ff9f8a4c75d4ac16ee502c8b8b3a2

    • SSDEEP

      6144:M4So0bCiHxl/Gv4bYvN/N2CaYuPqhBadIHYVxQGcGLAD62LGszpD/:jExx4XvyCaYQqhodI4j63pD

    Score
    10/10
    redlinesectopratmessi22discoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks