redline

General

Target

37f601cfd90279392c27c0fec6359d28fae86878112469f8e95d0f3474c3367b.exe
Size

366KB
Sample

241123-qn4n2ssjen
MD5

d308aff286fba626255b4036bdf01fe6
SHA1

bbbbf5436773e032d476fd30fa041db1f3938885
SHA256

37f601cfd90279392c27c0fec6359d28fae86878112469f8e95d0f3474c3367b
SHA512

79aee3bcc7671f0f7d85534a2552b99a014bdb311adc909b090c930e1bb45fe3ef7730a2a3a8d2fb368124078dd95d472c5b28e0296477e363e754dce54b368c
SSDEEP

6144:NFfusc5msJu5lZKWDnYQN6wDX/rYcRstfS5deEOnA:LfusamSuXZuQMwDX/rLstf+ItnA

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

sewPalp

C2

185.215.113.29:24645

Attributes

auth_value
41d3df6d093b1e36993abf16af0d6f2d

Targets

- Target
  
  37f601cfd90279392c27c0fec6359d28fae86878112469f8e95d0f3474c3367b.exe
- Size
  
  366KB
- MD5
  
  d308aff286fba626255b4036bdf01fe6
- SHA1
  
  bbbbf5436773e032d476fd30fa041db1f3938885
- SHA256
  
  37f601cfd90279392c27c0fec6359d28fae86878112469f8e95d0f3474c3367b
- SHA512
  
  79aee3bcc7671f0f7d85534a2552b99a014bdb311adc909b090c930e1bb45fe3ef7730a2a3a8d2fb368124078dd95d472c5b28e0296477e363e754dce54b368c
- SSDEEP
  
  6144:NFfusc5msJu5lZKWDnYQN6wDX/rYcRstfS5deEOnA:LfusamSuXZuQMwDX/rLstf+ItnA
Score

10^/10

redline sectoprat sewpalp discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2