Overview

overview

10

Static

static

3

45a5f18a1f...ac.exe

windows7-x64

10

45a5f18a1f...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45a5f18a1fe72a7c5063c42b88f179e21cccdc676c2a56997f0db68747969aac

  • Size

    412KB

  • Sample

    241107-a194lasblq

  • MD5

    6a5b9a0d7f9ab1ca8f04b0fcd16daf2c

  • SHA1

    8d5ffa23695724db53804da9261db3a2b2f8eaea

  • SHA256

    45a5f18a1fe72a7c5063c42b88f179e21cccdc676c2a56997f0db68747969aac

  • SHA512

    389db5fd5310a7329e7d6acfa5f75ad526a85e3ed3b3238405ea4e47de826459eca832328f8d996d203ffceffd18340b71b4b2eacadc672debc34dd4b2abb27a

  • SSDEEP

    6144:xifll4WRh+NIwRBts3l3Xkv9UDY1rwXrP+5MC/6uvJV+:kfll4WrmIwds1HkFUkrSP+5MCiG+

Score
10/10
redlinesectopratmoneydiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

money

C2

45.142.215.47:27643

Attributes
  • auth_value

    9491a1c5e11eb6097e68a4fa8627fda8

Targets

    • Target

      45a5f18a1fe72a7c5063c42b88f179e21cccdc676c2a56997f0db68747969aac

    • Size

      412KB

    • MD5

      6a5b9a0d7f9ab1ca8f04b0fcd16daf2c

    • SHA1

      8d5ffa23695724db53804da9261db3a2b2f8eaea

    • SHA256

      45a5f18a1fe72a7c5063c42b88f179e21cccdc676c2a56997f0db68747969aac

    • SHA512

      389db5fd5310a7329e7d6acfa5f75ad526a85e3ed3b3238405ea4e47de826459eca832328f8d996d203ffceffd18340b71b4b2eacadc672debc34dd4b2abb27a

    • SSDEEP

      6144:xifll4WRh+NIwRBts3l3Xkv9UDY1rwXrP+5MC/6uvJV+:kfll4WrmIwds1HkFUkrSP+5MCiG+

    Score
    10/10
    redlinesectopratmoneydiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks