redline | 794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880 | Triage

Submit
Reports

Overview

overview

Static

static

794e44dc05...80.exe

windows7-x64

794e44dc05...80.exe

windows10-2004-x64

Sharing

General

Target

794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880
Size

97KB
Sample

241109-w69kxazcpd
MD5

bce924b1fe09c8c750924d13cd4e7b99
SHA1

0e71d151337cc3cc10243b995136db97785feb28
SHA256

794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880
SHA512

349c757d92836e64130071bccc830aba186ebc81963409f38d28e39b889b476f2cc74968753e747702daadc171956d39023a178037b10694bd7337baae24333d
SSDEEP

1536:tG6WAaoigETTK4nERS2ajZchcdguG8Su2UHG7gbuh7vfucGyAsdu0fQuEn:/0hElajOCgp8Su2wkfuByddkn

Score

10^/10

redline sectoprat discovery infostealer rat trojan

Static task

static1

redline sectoprat

5 signatures

Behavioral task

behavioral1

Sample

794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880.exe

Resource

win7-20240903-en

redline sectoprat discovery infostealer rat trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880.exe

Resource

win10v2004-20241007-en

redline sectoprat discovery infostealer rat trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880
- Size
  
  97KB
- MD5
  
  bce924b1fe09c8c750924d13cd4e7b99
- SHA1
  
  0e71d151337cc3cc10243b995136db97785feb28
- SHA256
  
  794e44dc056f97c7d0f689208ec495290b9dd9e079303af11ce027639069b880
- SHA512
  
  349c757d92836e64130071bccc830aba186ebc81963409f38d28e39b889b476f2cc74968753e747702daadc171956d39023a178037b10694bd7337baae24333d
- SSDEEP
  
  1536:tG6WAaoigETTK4nERS2ajZchcdguG8Su2UHG7gbuh7vfucGyAsdu0fQuEn:/0hElajOCgp8Su2wkfuByddkn
Score

10^/10

redline sectoprat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

redlinesectoprat

behavioral1

redlinesectopratdiscoveryinfostealerrattrojan

behavioral2

redlinesectopratdiscoveryinfostealerrattrojan

© 2018-2025

Terms | Privacy