redline

General

Target

JaffaCakes118_da7b1e48332215cd2fb27d9e7ab98d3e
Size

148KB
Sample

250110-ene5xatnej
MD5

da7b1e48332215cd2fb27d9e7ab98d3e
SHA1

6bd7f15ba3ff855dbcdc0b76b72a48baaad30838
SHA256

a37c2dee7c3163cc9fafc64846d3c02d9cf77b8422af2a2a66ca8d5f3e6964fb
SHA512

b1e579cb68bf65f2fea5e1ed0e1d906697cfaa6e04650d19a7d032beb1880bed64b6c702dd14eb5606f689c50e810fa103ef117fd0fcfe21c010d315917fa3a2
SSDEEP

3072:RKY2O2aWFY6riD0CpXIUEM37uRXUtRy8Cqlkdyd:b2Op1jL02UXUvyC

Score

10^/10

Malware Config

Extracted

Family

redline

C2

141.94.188.139:43059

Attributes

auth_value
e6fd07a033474b6535552b6f7bfb4f97

Targets

- Target
  
  JaffaCakes118_da7b1e48332215cd2fb27d9e7ab98d3e
- Size
  
  148KB
- MD5
  
  da7b1e48332215cd2fb27d9e7ab98d3e
- SHA1
  
  6bd7f15ba3ff855dbcdc0b76b72a48baaad30838
- SHA256
  
  a37c2dee7c3163cc9fafc64846d3c02d9cf77b8422af2a2a66ca8d5f3e6964fb
- SHA512
  
  b1e579cb68bf65f2fea5e1ed0e1d906697cfaa6e04650d19a7d032beb1880bed64b6c702dd14eb5606f689c50e810fa103ef117fd0fcfe21c010d315917fa3a2
- SSDEEP
  
  3072:RKY2O2aWFY6riD0CpXIUEM37uRXUtRy8Cqlkdyd:b2Op1jL02UXUvyC
Score

10^/10

redline sectoprat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2