Overview

overview

10

Static

static

10

7313c7883a...fc.exe

windows7-x64

10

7313c7883a...fc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79ce0a718e7fe1c2d2709997cdc92e20bb0204c8f3cef7d075a3f0b0715db9a5

  • Size

    43KB

  • Sample

    241106-lq58faycpm

  • MD5

    7e74caf51b2a4f6ac7cff4b3f585e6f2

  • SHA1

    4b513be187a8fba7cb8ca6c4fcd0a88fa100603e

  • SHA256

    79ce0a718e7fe1c2d2709997cdc92e20bb0204c8f3cef7d075a3f0b0715db9a5

  • SHA512

    5971331236547c4f151e99317bc7de1fdb3025af3cd795b188b0653e604d167b7bc7b08dd3f1b620b490b9cc06564afde0c8ae59154ced7ff4894f468f578738

  • SSDEEP

    768:yQWmK/GRvPgJa3fhsAEmLFeXxaO9xbSHQHCn8Iu5zIg7pP0fgE13oNhAGVU:kmKOxr3xYxaO9xewHC8hhIg7pP0fpES

Score
10/10
redlinesectopratcleandiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

clean

C2

109.107.179.248:80

Targets

    • Target

      7313c7883a4550db59cd59fac2172c3c258273a3efbd9dafeb70f21fdb6f3ffc.exe

    • Size

      100KB

    • MD5

      8cddec47fcb7ba27c5d40fff87274fe9

    • SHA1

      c39bcddcc4a00ad0a889920b21545b47c5508b0b

    • SHA256

      7313c7883a4550db59cd59fac2172c3c258273a3efbd9dafeb70f21fdb6f3ffc

    • SHA512

      9ddd0fc7466eb8c52b37dc6be6146f67448a26d155693d234b6c3508677f557c621c539c83bd6506e15727709827762a94e7fff58a826a5f44004b6984244fb0

    • SSDEEP

      1536:0G6ijoigSqFOLap5Lq/Fve0igdcVVlmbfaxv0ujXyyedO34kwEEU:Dme/FveOdcos0ujyzdHU

    Score
    10/10
    redlinesectopratcleandiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks