General

  • Target

    3D63B777F65056B236BA51180CD37CE0.exe

  • Size

    557KB

  • Sample

    241204-pkjn2azqeq

  • MD5

    3d63b777f65056b236ba51180cd37ce0

  • SHA1

    94a4653797f942c4f2eb1ac36707d66e5cef401f

  • SHA256

    d2ddb7d466186ab167e6799198ef76d678ad0ac098a5deacb5a99383aa54b717

  • SHA512

    10b6f38a651593a7fbb2209907b4ce16bfccb07db858dd826f27d3a5b8270cf4b09b4a54233e2804d3fcd909f775b5e5c85c0b6923ec65afbf767e46a341a37e

  • SSDEEP

    12288:5JjHQC3RbeXNMR4xfLH4mU7D+MCyWQNIQTkduiY0D:5tQC35eXN/fLo+MrWQNxkQiBD

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

185.222.58.82:55615
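The extracted configuration above gives two things worth operationalising: the file digests, which let an analyst confirm that a file in hand is this exact sample, and the C2 endpoint, which can be swept for in connection logs. The following Python is an added example and not part of the sandbox report or the malware itself; the hash values and the C2 host:port are copied from the report, while the connection-log format, the log lines, the sample bytes and the function names (`hash_bytes`, `check_sample`, `find_c2_contacts`) are constructed for illustration.

```python
"""IOC handling for the RedLine/SectopRAT sample described in this report.

Added example, not from the report. Digests and C2 endpoint are the
report's values; the log format, log lines and sample bytes are constructed.
"""
import hashlib
import re
from typing import Dict, List, Tuple

# Indicators copied from the report above.
REPORT_HASHES: Dict[str, str] = {
    "md5": "3d63b777f65056b236ba51180cd37ce0",
    "sha1": "94a4653797f942c4f2eb1ac36707d66e5cef401f",
    "sha256": "d2ddb7d466186ab167e6799198ef76d678ad0ac098a5deacb5a99383aa54b717",
    "sha512": "10b6f38a651593a7fbb2209907b4ce16bfccb07db858dd826f27d3a5b8270cf4"
              "b09b4a54233e2804d3fcd909f775b5e5c85c0b6923ec65afbf767e46a341a37e",
}
C2_HOST = "185.222.58.82"
C2_PORT = 55615


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Return the md5/sha1/sha256/sha512 hex digests of one buffer, as a report lists them."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def check_sample(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Compare every digest against the report; all four must match for it to be the same file."""
    actual = hash_bytes(data)
    return {algo: actual[algo] == expected[algo].lower() for algo in expected}


# Constructed connection-log format (hypothetical, not from the report):
# "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
_CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def find_c2_contacts(lines: List[str], host: str = C2_HOST,
                     port: int = C2_PORT) -> List[Tuple[str, str, str]]:
    """Flag connections to the C2 host.

    An exact host:port match is rated "high"; the same host on another port is
    rated "medium" so a port change on the operator side is not missed outright.
    Lines that do not fit the expected format are skipped rather than raising.
    """
    hits: List[Tuple[str, str, str]] = []
    for line in lines:
        m = _CONN_RE.match(line)
        if not m or m["dst"] != host:
            continue
        level = "high" if int(m["dport"]) == port else "medium"
        hits.append((level, m["src"], f"{m['dst']}:{m['dport']}"))
    return hits


# Constructed log lines for illustration; the benign 142.250.74.46:443 line is filler.
SAMPLE_LOG = [
    "2024-12-04T15:02:11Z 10.0.0.15:49833 -> 142.250.74.46:443 tcp",
    "2024-12-04T15:02:13Z 10.0.0.15:49834 -> 185.222.58.82:55615 tcp",
    "2024-12-04T15:02:40Z 10.0.0.22:51120 -> 185.222.58.82:80 tcp",
    "malformed line that the parser should ignore",
]

if __name__ == "__main__":
    for level, src, dst in find_c2_contacts(SAMPLE_LOG):
        print(f"[{level}] {src} -> {dst}")
    # A constructed buffer, so every digest is expected to mismatch the report.
    print(check_sample(b"not the real sample"))
```

`check_sample` deliberately compares all four digests rather than stopping at the first match: a report that lists MD5 alongside SHA-256 is only as strong as its strongest hash, and checking them together also catches a transcription error in any one value.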

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

      Rewriting the context of a thread in another (typically suspended) process, after writing to that process's memory, is the usual final step of process hollowing and related injection techniques before the thread is resumed.

MITRE ATT&CK Enterprise v15
