Overview

overview

10

Static

static

3

765d2bea3b...03.exe

windows7-x64

10

765d2bea3b...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    765d2bea3b998e2ac9abc103c79428ddc2b12225ddbf9fcaa5fefac5d1161003

  • Size

    285KB

  • Sample

    241109-m11alswkhp

  • MD5

    a9cfa26773face68ea3491c23a18d8af

  • SHA1

    0d77e0b4e2e9188fb4e34a86141f440d164e3b71

  • SHA256

    765d2bea3b998e2ac9abc103c79428ddc2b12225ddbf9fcaa5fefac5d1161003

  • SHA512

    90020b7be7501b80bde2ff2bebc807dbcf73f30a61f4f0253968906ad78859dd6bbf3257faf3de285a123bfcdff1363eec4f5376093851d94f4f5f8d7ddeb61c

  • SSDEEP

    6144:HLXMpGqVjtZarTGWu2rk2GcJDWDfYybpEXqQ:YIq1D2yWuCXsfR

Score
10/10
redlinesectopratpubdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.20:13441

Targets

    • Target

      765d2bea3b998e2ac9abc103c79428ddc2b12225ddbf9fcaa5fefac5d1161003

    • Size

      285KB

    • MD5

      a9cfa26773face68ea3491c23a18d8af

    • SHA1

      0d77e0b4e2e9188fb4e34a86141f440d164e3b71

    • SHA256

      765d2bea3b998e2ac9abc103c79428ddc2b12225ddbf9fcaa5fefac5d1161003

    • SHA512

      90020b7be7501b80bde2ff2bebc807dbcf73f30a61f4f0253968906ad78859dd6bbf3257faf3de285a123bfcdff1363eec4f5376093851d94f4f5f8d7ddeb61c

    • SSDEEP

      6144:HLXMpGqVjtZarTGWu2rk2GcJDWDfYybpEXqQ:YIq1D2yWuCXsfR

    Score
    10/10
    redlinesectopratpubdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks