redline | 10c55d55924f55ca7cbb8a6e95c3abb0bc26e81c128e76b6c4aa51ed3fb014e9 | Triage

Sharing

General

Target

821740e9d40e50bf39cd96956b75f8bf
Size

1.3MB
Sample

241108-ljpxwazgnl
MD5

821740e9d40e50bf39cd96956b75f8bf
SHA1

d84a7e77b8dcd72a5e7d2943c8a11fc6e848a7bb
SHA256

10c55d55924f55ca7cbb8a6e95c3abb0bc26e81c128e76b6c4aa51ed3fb014e9
SHA512

9510b294b92a91bb6defa7b4b8517233a4685e7c8d39cb6e315be78a02a604c4382deb506f2ddf527c0cbdac98070f081931917c0f957333c2b20dd09054974e
SSDEEP

24576:+S2vXz4nu3lDUeJPQYCeokI8zaEdMvFqLX1wBqmtwAuvGZ4GuP:+S2/MnyaeJPFCeo783dMvFOlwBFtKHP

Score

10^/10

redline sectoprat discovery infostealer rat trojan

Malware Config

Targets

- Target
  
  Aimjunkie Loader.exe
- Size
  
  532KB
- MD5
  
  1665e228af4ee05ae6e8cc89ac51f278
- SHA1
  
  ff646105f95d60bfca7a5571b3120c692518ade2
- SHA256
  
  58f3e190250ad178a8f94c7c50e88e97a9ddacaa199703847d1e40a2572df4f3
- SHA512
  
  06970a77db6fed90e73db1c0e07b61346153d602e3b03f18bfd1df755180da3068e8cbb9d48ca13443ddadb95914e1426ac4a96f52d033d32d8d86ecdd0a5724
- SSDEEP
  
  12288:pmaUarzUBq4mGtS+JOvcZ45ZveZmw0x8uJ:UabrzUBq4RwgOvcZ4MmHvJ
Score

10^/10

redline sectoprat infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2
- Target
  
  AutoUpdater.NET.dll
- Size
  
  379KB
- MD5
  
  ebf6e83aec3e44834e6d66c68e052e49
- SHA1
  
  4dbd0baf755f24ea07601c0f5c3de9224c391b51
- SHA256
  
  1420b519fe9276bb066ee90ea6cacd7d9af18b6c860d217331adfaa5579629a3
- SHA512
  
  d55184fffa22ee22498bbfa3ad1917c869b88482923abd84262b01f221189a15861b133a9b3279eadd620f53cd371b868c7b6d1854fff707462b7f59c2a20c6b
- SSDEEP
  
  6144:hHxlAuGppbh/9mLO6jTKNw2hhg6Eyl6EDW6Eay6EqhF6Epy6EJa26Evp6EDd6Esm:hHxlAumhh/B6jTuwAA
Score

1^/10
behavioral3 behavioral4
- Target
  
  Octokit.dll
- Size
  
  968KB
- MD5
  
  37e7f2f94f9d413774a0e79f4e195ec2
- SHA1
  
  9946aab9ef4677133fa86ed03ea967156f08270b
- SHA256
  
  3a0bd4033ba3ce06fd0b87712cbd68235c43f6bed96e3943ef4dfe2f252e4215
- SHA512
  
  6d412814811652048b0f55aeefed453d0c22d5fe737a6fd85d19bf4c431b475d9f5027639071457a7f72538e7ce54868d4675615b3f17e1be2c542aae580e008
- SSDEEP
  
  24576:auz9S/5GqttrBAooNmUDD7C5wyElFHVNndG7:8GNmUDD7C5wygFHVpdG7
Score

1^/10
behavioral5 behavioral6
- Target
  
  QueryMaster.dll
- Size
  
  149KB
- MD5
  
  b9bf2ca76789eadd59703bf7b6951d00
- SHA1
  
  fecc64c761fbaec8aac4493e67f6bb83e34b4fb9
- SHA256
  
  c1373c5efc50386d780cf7473ed3b9269ba70f3b3fc0a3e35fab9e2d4efa7408
- SHA512
  
  907b50946a72bc947a9625f9fec92206666296a0e9c7c910eb006139d37bb46bd4f77b5fb32260a40ff44d0f886bf856ecb7895f1e3e542ab81e0b452120fe38
- SSDEEP
  
  3072:vEDqfg+evpylh6gQbPbh8UIn/vZlc7XCEgWS8JJlYvtTDiXzB5:wT+eYlhq3f6HZMyE0vte9
Score

1^/10
behavioral7 behavioral8
- Target
  
  bypass/spoofer.efi
- Size
  
  19KB
- MD5
  
  ae27112d53e91476a680349e970561c8
- SHA1
  
  f8c555f98f036fc23633cf0fb07b194c77b62f59
- SHA256
  
  87757a7473668a6b09291db9837ccfaa98312b753c0aa321e285a47e1127df4a
- SHA512
  
  925b5b5a224dfed3549211b145cc375e9ffc8c5fe0d5f60cdd039f762609ec7a6193dbbf3655fde7555c10edc3609b6ad572de7d02e6cc2896947965e85d5fa2
- SSDEEP
  
  384:lDWaLKWErzBpRv8Tj8JZC5NoYA5vDBRJll3Tj2scA:LY+MJaih1PvT4A
Score

1^/10
behavioral10 behavioral9
- Target
  
  bypass/winload.efi
- Size
  
  29KB
- MD5
  
  1bf80c3bdbe730461d4087438f1f23a0
- SHA1
  
  9d445039e300356e34bcfd6feb48f709c0ac59b3
- SHA256
  
  648317f6c727a8471c777caba6571a7ea9ff7e943955ef402164cd3e858e5c7d
- SHA512
  
  abe3c746204427a99b46bfcd4ba4ca6bd3979480597defb9e51b68d977ba3ee340b19b710ec9d855dcd0b3294d51945d36096f2f4f3630f150106cdea74d0647
- SSDEEP
  
  384:BOMzqY11bGv1Sw8TUy+yCWnEHWbrzBpRv8TgXWOuiXXVCCC4Qg9O6qoYA5vDBRJE:rDJ+yg2+8WOuiXXVy4Qjoh1PUHTgs
Score

1^/10
behavioral11 behavioral12
- Target
  
  libSoftMeter.dll
- Size
  
  475KB
- MD5
  
  5031c32d7c7d6fffa724aa76fdcc1d30
- SHA1
  
  4aea11dda621d9af45bdac5b3b26fcdec4c599ec
- SHA256
  
  6dfd45ac16434ef113dfa6f2ef86259119fe64995c4073dd396b7590393ce54f
- SHA512
  
  f3b1cb3ebed76f626fd6846fec9c1c2e6b141b8e0c75ca070cac86e8bdf8a8668a05bc3abebdfe810ed013d9be7d48ec9332d05e04e26a37068f47c1eb8862d4
- SSDEEP
  
  12288:ftayHy+ztCP30bGj7CGfnVaMfZdPlvoS5XCdmzqTty7n:fOuMfZdPlvCdmwY7n
Score

3^/10

discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

redlinesectopratinfostealerrattrojan

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14