redline

General

Target

JaffaCakes118_c51c6e7ea7a29a16e44d275bcdf72656
Size

971KB
Sample

250109-lv8t5aymfm
MD5

c51c6e7ea7a29a16e44d275bcdf72656
SHA1

2fb15b2da024c217f08b2821a0dfdb2bcb4551a6
SHA256

3f4eed884029b6f6bf25c70b72f54fdd5f36651f3d52871fe13a96bd0858e5c8
SHA512

9f25c6502fc4c931ca820ce7e7a09174cdb641d7041fa5746cf3148cd48941134749ab8802eb6c6dd5cb5b8865d2c4512615c97177aa932e86b4966d9782e359
SSDEEP

12288:zjgSKclWABwzDv4HpADNs/mxXhNs70ysTC4x9BKu88O55wd3pDyuWOd1LfsSM+9S:pKqBeUmjBQV

Score

10^/10

Malware Config

Extracted

Family

redline

C2

141.94.188.138:46419

Attributes

auth_value
3f48b95855158031ae9e7dafcb203009

Targets

- Target
  
  JaffaCakes118_c51c6e7ea7a29a16e44d275bcdf72656
- Size
  
  971KB
- MD5
  
  c51c6e7ea7a29a16e44d275bcdf72656
- SHA1
  
  2fb15b2da024c217f08b2821a0dfdb2bcb4551a6
- SHA256
  
  3f4eed884029b6f6bf25c70b72f54fdd5f36651f3d52871fe13a96bd0858e5c8
- SHA512
  
  9f25c6502fc4c931ca820ce7e7a09174cdb641d7041fa5746cf3148cd48941134749ab8802eb6c6dd5cb5b8865d2c4512615c97177aa932e86b4966d9782e359
- SSDEEP
  
  12288:zjgSKclWABwzDv4HpADNs/mxXhNs70ysTC4x9BKu88O55wd3pDyuWOd1LfsSM+9S:pKqBeUmjBQV
Score

10^/10

redline sectoprat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2