redline

General

Target

acfdc8eb1511626b94b14063b957b613_JaffaCakes118
Size

296KB
Sample

241128-vddr4ayqbm
MD5

acfdc8eb1511626b94b14063b957b613
SHA1

98cab634f5a1db595b7f33b18f0af884e9385325
SHA256

1edb999b5a5893c03a25194a97b6ee52d08b9979c248de41e7e4bafb160b377e
SHA512

bd7c750ea5620d219c7b662de57eaaaadc7b713e80c3d7f2b3f545a17fdcf327268f966e8e6035f4c96b48fe11f1bb50285da5b3ca80aee1ba1633c8a406f5ae
SSDEEP

6144:UAYFsFw3yv6TCtrI57u6afGErDmKDG49UUJ9HNAABm+rrka:Umm3yCQrINu6aHhGJUhjBTIa

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

@keynejkee

C2

164.132.72.186:18717

Targets

- Target
  
  acfdc8eb1511626b94b14063b957b613_JaffaCakes118
- Size
  
  296KB
- MD5
  
  acfdc8eb1511626b94b14063b957b613
- SHA1
  
  98cab634f5a1db595b7f33b18f0af884e9385325
- SHA256
  
  1edb999b5a5893c03a25194a97b6ee52d08b9979c248de41e7e4bafb160b377e
- SHA512
  
  bd7c750ea5620d219c7b662de57eaaaadc7b713e80c3d7f2b3f545a17fdcf327268f966e8e6035f4c96b48fe11f1bb50285da5b3ca80aee1ba1633c8a406f5ae
- SSDEEP
  
  6144:UAYFsFw3yv6TCtrI57u6afGErDmKDG49UUJ9HNAABm+rrka:Umm3yCQrINu6aHhGJUhjBTIa
Score

10^/10

redline sectoprat @keynejkee discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2