redline

General

Target

JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5
Size

486KB
Sample

250110-gvsexsxkdk
MD5

dcd2bdd5a30049bbab9d1d3417dad5f5
SHA1

3cdabe8305153f39f9d4f74ede1c8f191e17508f
SHA256

a69f0afa1f2366e7e4f0fec62edcaa45041da1bc9c29dd59fca50e4f60c7fd58
SHA512

bdaf3abf2af1663af5c4549aa7f07401736acfe4ff229d898d384bfa8be52d4d3cea94968399215f09355d11a754bd833a58f2f0b4b364a041be53169b374dde
SSDEEP

12288:ADM8w+ZVWPRsdi/yQGtoo5D7TDJ1TXFUe9:v8wsYPRsayQzo5jZU6

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

@ebooLZT

C2

185.82.126.114:81

Attributes

auth_value
55d48a1a930cf4d6f3e2d6bcd0daaf07

Targets

- Target
  
  JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5
- Size
  
  486KB
- MD5
  
  dcd2bdd5a30049bbab9d1d3417dad5f5
- SHA1
  
  3cdabe8305153f39f9d4f74ede1c8f191e17508f
- SHA256
  
  a69f0afa1f2366e7e4f0fec62edcaa45041da1bc9c29dd59fca50e4f60c7fd58
- SHA512
  
  bdaf3abf2af1663af5c4549aa7f07401736acfe4ff229d898d384bfa8be52d4d3cea94968399215f09355d11a754bd833a58f2f0b4b364a041be53169b374dde
- SSDEEP
  
  12288:ADM8w+ZVWPRsdi/yQGtoo5D7TDJ1TXFUe9:v8wsYPRsayQzo5jZU6
Score

10^/10

redline sectoprat @eboolzt discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2