redline

General

Target

0cfd5c42375737ecd1186c43743344c3485163e5bc511cfc20dc03b7a64bec01
Size

398KB
Sample

241107-pwc1masdpd
MD5

34ab4db5d70a3b165d57e73e77d7c7b9
SHA1

c2e99c94cc5633da89047ec347d4600040426eb4
SHA256

0cfd5c42375737ecd1186c43743344c3485163e5bc511cfc20dc03b7a64bec01
SHA512

dcd9b1737d27cefcdf51e87b6d777cc8a27752cb6d5ab4eb54e1d15eba89a06051fd764fbd7ecd83e3f002cf9264b2896951dfe121dc3f7810c7a56cb7bf6488
SSDEEP

12288:tIxx8ke7+mHCa1n69HLYs6L1szovt1pN:iO+mHIYs2coPj

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  0cfd5c42375737ecd1186c43743344c3485163e5bc511cfc20dc03b7a64bec01
- Size
  
  398KB
- MD5
  
  34ab4db5d70a3b165d57e73e77d7c7b9
- SHA1
  
  c2e99c94cc5633da89047ec347d4600040426eb4
- SHA256
  
  0cfd5c42375737ecd1186c43743344c3485163e5bc511cfc20dc03b7a64bec01
- SHA512
  
  dcd9b1737d27cefcdf51e87b6d777cc8a27752cb6d5ab4eb54e1d15eba89a06051fd764fbd7ecd83e3f002cf9264b2896951dfe121dc3f7810c7a56cb7bf6488
- SSDEEP
  
  12288:tIxx8ke7+mHCa1n69HLYs6L1szovt1pN:iO+mHIYs2coPj
Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2