Overview

overview

10

Static

static

3

2534575484...4b.exe

windows7-x64

10

2534575484...4b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2534575484f0f29f62ed56688f1b90348fe465fdf273155132063fb93a32f84b

  • Size

    276KB

  • Sample

    241109-lmhmzavmhn

  • MD5

    af786b2242e18b10ccf438cdc21809dc

  • SHA1

    ce41970c1582691d200ab95744f54c3a4dbd58c7

  • SHA256

    2534575484f0f29f62ed56688f1b90348fe465fdf273155132063fb93a32f84b

  • SHA512

    e5f68e58836d3bd91928d2babf36776a133c706df425b5653e6397658e245256c3bf6f5a1e6ea354e9f492c7fe73fb28c2cce3bf0f22922d316253ce2c2d9d1b

  • SSDEEP

    6144:9Eclg6aCwzsqzgw0Mfl+Z3Ejyak5iMrRgzcdxJg:v1axlgvMfl+Z3Ej+R5Y

Score
10/10
redlinesectopratinstallbot_mix2discoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

installbot_mix2

C2

185.118.165.94:15838

Targets

    • Target

      2534575484f0f29f62ed56688f1b90348fe465fdf273155132063fb93a32f84b

    • Size

      276KB

    • MD5

      af786b2242e18b10ccf438cdc21809dc

    • SHA1

      ce41970c1582691d200ab95744f54c3a4dbd58c7

    • SHA256

      2534575484f0f29f62ed56688f1b90348fe465fdf273155132063fb93a32f84b

    • SHA512

      e5f68e58836d3bd91928d2babf36776a133c706df425b5653e6397658e245256c3bf6f5a1e6ea354e9f492c7fe73fb28c2cce3bf0f22922d316253ce2c2d9d1b

    • SSDEEP

      6144:9Eclg6aCwzsqzgw0Mfl+Z3Ejyak5iMrRgzcdxJg:v1axlgvMfl+Z3Ej+R5Y

    Score
    10/10
    redlinesectopratinstallbot_mix2discoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks