redline | 28fb6b2de2cd059803841028b25808a687ba991ca647a3c4295a0a75201dad83 | Triage

Submit
Reports

Overview

overview

Static

static

919b77af42...71.exe

windows7-x64

919b77af42...71.exe

windows10-2004-x64

Sharing

General

Target

28fb6b2de2cd059803841028b25808a687ba991ca647a3c4295a0a75201dad83
Size

43KB
Sample

241107-ta64ssxpal
MD5

2050a8a514b80b84f8d3c2202aea15be
SHA1

88bc4d939e0d98cd702f66a0e7ac103f5404554d
SHA256

28fb6b2de2cd059803841028b25808a687ba991ca647a3c4295a0a75201dad83
SHA512

faff60003a08bc2d5870670dc5a34ff11f18aaacc8a097c588d18934a499f8a205ab980d3d9ff02e74dd49747c5d690a771d3622b8f8c62f953eb6eda3777e76
SSDEEP

768:fDq7FEqJ9OoJpONDMNJ8cmJBF48MN3L82Oot++Lk833viZ:f0FbJooJpONOJ8cmv2C1/Yo

Score

10^/10

redline sectoprat discovery infostealer rat trojan

Static task

static1

redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

919b77af42852ca9f7a7a2314d9a6a66287720f62a0af1c74dad286075aff171.exe

Resource

win7-20241010-en

redline sectoprat discovery infostealer rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

919b77af42852ca9f7a7a2314d9a6a66287720f62a0af1c74dad286075aff171.exe

Resource

win10v2004-20241007-en

redline sectoprat discovery infostealer rat trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  919b77af42852ca9f7a7a2314d9a6a66287720f62a0af1c74dad286075aff171.exe
- Size
  
  95KB
- MD5
  
  8934175e192fb04a711ef3ace14133fb
- SHA1
  
  55b78566d2ba27755a9f30efb39984f804ee6534
- SHA256
  
  919b77af42852ca9f7a7a2314d9a6a66287720f62a0af1c74dad286075aff171
- SHA512
  
  0addddc8ff43867d7fb40880240b3cb883d18e4ae0dcb566d18d0d7e5473232c5d9b8cc2f210c47c779d2cbf77876c647cc50c6863934df4750d93ddb4037107
- SSDEEP
  
  1536:Nqs4iqeHlbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed2y3teulgS6pIl:7/pVYH+zi0ZbYe1g0ujyzdkI
Score

10^/10

redline sectoprat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

redlinesectoprat

behavioral1

redlinesectopratdiscoveryinfostealerrattrojan

behavioral2

redlinesectopratdiscoveryinfostealerrattrojan

© 2018-2025

Terms | Privacy