Overview

overview

10

Static

static

3

bceaa67961...24.exe

windows7-x64

10

bceaa67961...24.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bceaa679616c9962bb8b0f656054218ca43a2a0931ae9a52fcad8ad154a8e424

  • Size

    443KB

  • Sample

    241110-h22slssclj

  • MD5

    5859e89bb856acef3947cbd6c55b66da

  • SHA1

    88baa6cd5049075fbecce4809caf4418b63cb8c3

  • SHA256

    bceaa679616c9962bb8b0f656054218ca43a2a0931ae9a52fcad8ad154a8e424

  • SHA512

    8c60cad2f0fffcfa9a7ecf1c361a85f7cd6604a65d59b985df424bf33c372c2e8356857dfd64bea8d787c0c6f952c3e726eb6172824a72b6645886432eaec991

  • SSDEEP

    12288:bklT97iTMJMGAjho/L7mQxZ9yFhEloy6f8z7t3hiNYeh19z7IW:2Cjhm6N

Score
10/10
redlinesectopratbaskardiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

Baskar

C2

95.181.172.207:56915

Targets

    • Target

      bceaa679616c9962bb8b0f656054218ca43a2a0931ae9a52fcad8ad154a8e424

    • Size

      443KB

    • MD5

      5859e89bb856acef3947cbd6c55b66da

    • SHA1

      88baa6cd5049075fbecce4809caf4418b63cb8c3

    • SHA256

      bceaa679616c9962bb8b0f656054218ca43a2a0931ae9a52fcad8ad154a8e424

    • SHA512

      8c60cad2f0fffcfa9a7ecf1c361a85f7cd6604a65d59b985df424bf33c372c2e8356857dfd64bea8d787c0c6f952c3e726eb6172824a72b6645886432eaec991

    • SSDEEP

      12288:bklT97iTMJMGAjho/L7mQxZ9yFhEloy6f8z7t3hiNYeh19z7IW:2Cjhm6N

    Score
    10/10
    redlinesectopratbaskardiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks