redline

General

Target

8c9784caef490d341216e0da306e7c033f6aab1216b7c52fbd1d83310290dd0e
Size

292KB
Sample

241105-qkxfkaseqk
MD5

13dd7e712edc28b5ff055382950d8586
SHA1

5b14475a26a24c455d9228f2b106bd10793255c0
SHA256

8c9784caef490d341216e0da306e7c033f6aab1216b7c52fbd1d83310290dd0e
SHA512

74de7290134355863441f158b9d848517800dc730301a2bf70f2ec08205829eb47ed57d1f99935c8e47d6a3a7b63d1dea52e995b7ceae01f123523d27f474b56
SSDEEP

6144:cLT9vLXSf16blUFzG43TP4TS8N9gcDf/jhKyLfD:qpTSf1w+znKfBDTw8

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.20:13441

Targets

- Target
  
  8c9784caef490d341216e0da306e7c033f6aab1216b7c52fbd1d83310290dd0e
- Size
  
  292KB
- MD5
  
  13dd7e712edc28b5ff055382950d8586
- SHA1
  
  5b14475a26a24c455d9228f2b106bd10793255c0
- SHA256
  
  8c9784caef490d341216e0da306e7c033f6aab1216b7c52fbd1d83310290dd0e
- SHA512
  
  74de7290134355863441f158b9d848517800dc730301a2bf70f2ec08205829eb47ed57d1f99935c8e47d6a3a7b63d1dea52e995b7ceae01f123523d27f474b56
- SSDEEP
  
  6144:cLT9vLXSf16blUFzG43TP4TS8N9gcDf/jhKyLfD:qpTSf1w+znKfBDTw8
Score

10^/10

redline sectoprat pub discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2