Overview

overview

10

Static

static

3

8d4e3d5ef6...f2.exe

windows7-x64

10

8d4e3d5ef6...f2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d4e3d5ef6c012de71d3d1a3d10c54ed40cbf744fcd621ce7ba4541ff587a8f2

  • Size

    381KB

  • Sample

    241108-hwqs6azphq

  • MD5

    89e42199b903b99de969dac5704ef918

  • SHA1

    172a92114ff2f26e7a05f463f476b63f169c14d5

  • SHA256

    8d4e3d5ef6c012de71d3d1a3d10c54ed40cbf744fcd621ce7ba4541ff587a8f2

  • SHA512

    a55fe37bd4967cb1d38974b1fb24e2be48d5462928a237ea30633db6c31449e7279b3f33da63b05b2ff4e990f518d39b54a8437bf72d532494afeaab83fc01f5

  • SSDEEP

    6144:txFuvPpo59N10FHqaT7P9LUWxdZQJ6xFVGL8iCyoaHqO8bx0Etj1TCPs/W:1uvPpo59NWF59L9XQOFVc8iLoaKO8bxB

Score
10/10
redlinesectopratudpdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.20:13441

Targets

    • Target

      8d4e3d5ef6c012de71d3d1a3d10c54ed40cbf744fcd621ce7ba4541ff587a8f2

    • Size

      381KB

    • MD5

      89e42199b903b99de969dac5704ef918

    • SHA1

      172a92114ff2f26e7a05f463f476b63f169c14d5

    • SHA256

      8d4e3d5ef6c012de71d3d1a3d10c54ed40cbf744fcd621ce7ba4541ff587a8f2

    • SHA512

      a55fe37bd4967cb1d38974b1fb24e2be48d5462928a237ea30633db6c31449e7279b3f33da63b05b2ff4e990f518d39b54a8437bf72d532494afeaab83fc01f5

    • SSDEEP

      6144:txFuvPpo59N10FHqaT7P9LUWxdZQJ6xFVGL8iCyoaHqO8bx0Etj1TCPs/W:1uvPpo59NWF59L9XQOFVc8iLoaKO8bxB

    Score
    10/10
    redlinesectopratudpdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks