Overview

overview

10

Static

static

3

49b0436bd0...7e.exe

windows7-x64

10

49b0436bd0...7e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    49b0436bd09bf0279f4ee1bc2bcb476c34f854e6ba9a63386a5c3e32db5e2e7e

  • Size

    239KB

  • Sample

    241108-ef8ggstqdx

  • MD5

    d9c6c97ab741e78d4b859d09070e6ed5

  • SHA1

    b8ce6a5438ae94a3480cdf30ded39d0cae0c7b0a

  • SHA256

    49b0436bd09bf0279f4ee1bc2bcb476c34f854e6ba9a63386a5c3e32db5e2e7e

  • SHA512

    55c491345a676984b7f8a509af83d81b28bd583cb5a379e4dfe435529b8148195078d982339503978708461274fd0289b6cd8607a8bc5ac63a72b65e4bdb6d28

  • SSDEEP

    3072:EBhv9sE9ldNaktN1C8EXlMg6oFv09h1pww9uBOVUxYPS5hoaqows0O:EPhtN1TEXPlG31pwG9UxgaqXrO

Score
10/10
redlinesectopratpubdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.20:13441

Targets

    • Target

      49b0436bd09bf0279f4ee1bc2bcb476c34f854e6ba9a63386a5c3e32db5e2e7e

    • Size

      239KB

    • MD5

      d9c6c97ab741e78d4b859d09070e6ed5

    • SHA1

      b8ce6a5438ae94a3480cdf30ded39d0cae0c7b0a

    • SHA256

      49b0436bd09bf0279f4ee1bc2bcb476c34f854e6ba9a63386a5c3e32db5e2e7e

    • SHA512

      55c491345a676984b7f8a509af83d81b28bd583cb5a379e4dfe435529b8148195078d982339503978708461274fd0289b6cd8607a8bc5ac63a72b65e4bdb6d28

    • SSDEEP

      3072:EBhv9sE9ldNaktN1C8EXlMg6oFv09h1pww9uBOVUxYPS5hoaqows0O:EPhtN1TEXPlG31pwG9UxgaqXrO

    Score
    10/10
    redlinesectopratpubdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks