redline

General

Target

JaffaCakes118_b2d2c9eb4e6fd26e27dce67b3eee33a3
Size

422KB
Sample

250108-3jr6ns1kal
MD5

b2d2c9eb4e6fd26e27dce67b3eee33a3
SHA1

46d90fe32ebebc64913a427b475aef1c6db60b52
SHA256

0003a467e46e3a34cde07a730c2d12dd923275e808f9841dcb7357a0fa674703
SHA512

0aeb5fc5bf4bcb141bbb3d4b568c768e05499d7ee6d4ba0bdc6f0c6b046b50b2fa0dac6e9b2934d7d7d2ead46128230fb3d479f8431eb33a33ed28d75b969e13
SSDEEP

12288:5shhl6EZ+iEcvpbMC7dZz/uiHzCOK/ZuC:0lb

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

omnik

C2

188.34.188.23:29794

Attributes

auth_value
1501dce2232cf802a139f7a7bebc49b2

Targets

- Target
  
  JaffaCakes118_b2d2c9eb4e6fd26e27dce67b3eee33a3
- Size
  
  422KB
- MD5
  
  b2d2c9eb4e6fd26e27dce67b3eee33a3
- SHA1
  
  46d90fe32ebebc64913a427b475aef1c6db60b52
- SHA256
  
  0003a467e46e3a34cde07a730c2d12dd923275e808f9841dcb7357a0fa674703
- SHA512
  
  0aeb5fc5bf4bcb141bbb3d4b568c768e05499d7ee6d4ba0bdc6f0c6b046b50b2fa0dac6e9b2934d7d7d2ead46128230fb3d479f8431eb33a33ed28d75b969e13
- SSDEEP
  
  12288:5shhl6EZ+iEcvpbMC7dZz/uiHzCOK/ZuC:0lb
Score

10^/10

redline sectoprat omnik discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2