redline

General

Target

2cb2a284925645f2c537ec1b8f2372487459c42c1e774003856f1248b4090f27
Size

318KB
Sample

241110-cvkb4axfmb
MD5

4c3e19211dc774d8f2547651ee6e367c
SHA1

5cd3c82718085e113942e7a3d285fed67e4c9421
SHA256

2cb2a284925645f2c537ec1b8f2372487459c42c1e774003856f1248b4090f27
SHA512

19aee9601b6e4cb5443ade98d4098d77f1e25602c984798eecc955afe9e6b3fbd1892fdc5f41c2976ff77848e40c654e293013568e95d700d9086ca55911d9cc
SSDEEP

6144:53T9vLfSj1e7VHmH92J8YWEFH9CbNZleRU2UO:VpLSj1e7VHmd2FWZ3

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.20:13441

Targets

- Target
  
  2cb2a284925645f2c537ec1b8f2372487459c42c1e774003856f1248b4090f27
- Size
  
  318KB
- MD5
  
  4c3e19211dc774d8f2547651ee6e367c
- SHA1
  
  5cd3c82718085e113942e7a3d285fed67e4c9421
- SHA256
  
  2cb2a284925645f2c537ec1b8f2372487459c42c1e774003856f1248b4090f27
- SHA512
  
  19aee9601b6e4cb5443ade98d4098d77f1e25602c984798eecc955afe9e6b3fbd1892fdc5f41c2976ff77848e40c654e293013568e95d700d9086ca55911d9cc
- SSDEEP
  
  6144:53T9vLfSj1e7VHmH92J8YWEFH9CbNZleRU2UO:VpLSj1e7VHmd2FWZ3
Score

10^/10

redline sectoprat uts discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2