redline

General

Target

6559e170da9fdc24b8d20df24603a8cd2e7b313b5da1abfb6fa791bfacc12748
Size

360KB
Sample

241107-hwdhtsxgqa
MD5

eccf75aec7a03eec19c38412f024a823
SHA1

5b093ed04dd55f853f99dca8b3792fa7b4d767bd
SHA256

6559e170da9fdc24b8d20df24603a8cd2e7b313b5da1abfb6fa791bfacc12748
SHA512

70b4e2d4281295125a1044d1e34caa5b2907cb893f84d35fb3a17b8e8173edcce03981b5e0c86c1b0d28537ee0bafff0861e366124b4e908c0cbfb7ba6e207de
SSDEEP

6144:j4ORZZvU9SPr3n2C1WK8U+sHmRcFX+CrBR2V7d:j1fZvUg32C1IU+vRc97BIN

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.20:13441

Targets

- Target
  
  6559e170da9fdc24b8d20df24603a8cd2e7b313b5da1abfb6fa791bfacc12748
- Size
  
  360KB
- MD5
  
  eccf75aec7a03eec19c38412f024a823
- SHA1
  
  5b093ed04dd55f853f99dca8b3792fa7b4d767bd
- SHA256
  
  6559e170da9fdc24b8d20df24603a8cd2e7b313b5da1abfb6fa791bfacc12748
- SHA512
  
  70b4e2d4281295125a1044d1e34caa5b2907cb893f84d35fb3a17b8e8173edcce03981b5e0c86c1b0d28537ee0bafff0861e366124b4e908c0cbfb7ba6e207de
- SSDEEP
  
  6144:j4ORZZvU9SPr3n2C1WK8U+sHmRcFX+CrBR2V7d:j1fZvUg32C1IU+vRc97BIN
Score

10^/10

redline sectoprat udp discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2