redline

General

Target

JaffaCakes118_977bd10773276949895f567aa282c1d7
Size

407KB
Sample

250108-k3vf2awjgj
MD5

977bd10773276949895f567aa282c1d7
SHA1

03920bb245cb1bd769c7b45ea3f9fc583dd6f875
SHA256

cea9c04e4423b446bf0e0c429634d3e2f622a7eaf107a1fed8e3c561b06609f0
SHA512

cc534423437cbec38d3a3897f833b302ed474fcb36b98d413ac57e6736d7a22632138941ad235c37ddf1c3d3162f5f5a1227868b85b09853072c15afdd9b1198
SSDEEP

12288:HFYq8x7Dljdroiwsjm0ijdYSAk4EevSOt:HKFroiHmbAk4E

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

sewPalp

C2

185.215.113.29:24645

Attributes

auth_value
41d3df6d093b1e36993abf16af0d6f2d

Targets

- Target
  
  JaffaCakes118_977bd10773276949895f567aa282c1d7
- Size
  
  407KB
- MD5
  
  977bd10773276949895f567aa282c1d7
- SHA1
  
  03920bb245cb1bd769c7b45ea3f9fc583dd6f875
- SHA256
  
  cea9c04e4423b446bf0e0c429634d3e2f622a7eaf107a1fed8e3c561b06609f0
- SHA512
  
  cc534423437cbec38d3a3897f833b302ed474fcb36b98d413ac57e6736d7a22632138941ad235c37ddf1c3d3162f5f5a1227868b85b09853072c15afdd9b1198
- SSDEEP
  
  12288:HFYq8x7Dljdroiwsjm0ijdYSAk4EevSOt:HKFroiHmbAk4E
Score

10^/10

redline sectoprat sewpalp discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2