redline

General

Target

d8cd0d8e85f8a22c87e342a198f05270_JaffaCakes118
Size

1.1MB
Sample

241209-krtelasmf1
MD5

d8cd0d8e85f8a22c87e342a198f05270
SHA1

08899f6af9e191afc9bf8df333815ef85df5710f
SHA256

156b8681a2fb319a59494ab995cd1348d9bb09846c4a881a12a7bfafd241dfc1
SHA512

df5695f436ede7ce3e0b3a0f248261793c315f347f7fae1e8f52efcd0ef3576536fac0333067125298aeb00ef24d6b356151b40ec0df690e674ab7a7b6cc9aa5
SSDEEP

24576:3ZFbysjNK+KfSkmxkJZM3yPOSWfY74hJUT2PHY82xF:HBjwf4kx6fK4h

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

@MoneyCashTopP

C2

77.220.212.176:31599

Targets

- Target
  
  d8cd0d8e85f8a22c87e342a198f05270_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  d8cd0d8e85f8a22c87e342a198f05270
- SHA1
  
  08899f6af9e191afc9bf8df333815ef85df5710f
- SHA256
  
  156b8681a2fb319a59494ab995cd1348d9bb09846c4a881a12a7bfafd241dfc1
- SHA512
  
  df5695f436ede7ce3e0b3a0f248261793c315f347f7fae1e8f52efcd0ef3576536fac0333067125298aeb00ef24d6b356151b40ec0df690e674ab7a7b6cc9aa5
- SSDEEP
  
  24576:3ZFbysjNK+KfSkmxkJZM3yPOSWfY74hJUT2PHY82xF:HBjwf4kx6fK4h
Score

10^/10

redline sectoprat @moneycashtopp discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2