redline

General

Target

ef4c4748a0161bbc750c1f58f7c2b347_JaffaCakes118
Size

497KB
Sample

241214-r7719axkfk
MD5

ef4c4748a0161bbc750c1f58f7c2b347
SHA1

331d255a2055f5e7594744c0d32f135aad9e50ad
SHA256

aa504b0c2fe4bdcdca89d5c367887fa653665b2228add241ce0c86f950b56ad8
SHA512

55418bf4aaa78927a6c16322edf2f7defb8d4066ff9ae5d63c2ea5b175ca613b33723fc0a660c3de725fffdee766874db5a6bb4f9801f8e235a5500bbcdd2667
SSDEEP

12288:QWBUc+rHMAMCqd/VJ2iN4TMSdG3T6QuYQP5cMS8MZMzj+A:NBUc+oBF1nuYuzSfMzj+A

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

rich

C2

95.217.248.44:11695

Targets

- Target
  
  ef4c4748a0161bbc750c1f58f7c2b347_JaffaCakes118
- Size
  
  497KB
- MD5
  
  ef4c4748a0161bbc750c1f58f7c2b347
- SHA1
  
  331d255a2055f5e7594744c0d32f135aad9e50ad
- SHA256
  
  aa504b0c2fe4bdcdca89d5c367887fa653665b2228add241ce0c86f950b56ad8
- SHA512
  
  55418bf4aaa78927a6c16322edf2f7defb8d4066ff9ae5d63c2ea5b175ca613b33723fc0a660c3de725fffdee766874db5a6bb4f9801f8e235a5500bbcdd2667
- SSDEEP
  
  12288:QWBUc+rHMAMCqd/VJ2iN4TMSdG3T6QuYQP5cMS8MZMzj+A:NBUc+oBF1nuYuzSfMzj+A
Score

10^/10

redline sectoprat rich discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2