redline

General

Target

JaffaCakes118_ec50c85d37d291df09c7228df769d588
Size

148KB
Sample

250110-yamglswpdk
MD5

ec50c85d37d291df09c7228df769d588
SHA1

a6654afad46ca3ea3d74e7f6d12e8efe6fba9f40
SHA256

a8c60976592766c80a98b11dd7dbcd18570aa225051a60029d542f47cd2b12b8
SHA512

1a9d0dd2646ef6f7a2f334cc89dd397441d0244192af452469aa8985971c0867484d5807e29c6b60632110c8924eec2670ee18176b4e460f4bee28d907090b96
SSDEEP

3072:NKZAmnuW1vs875/Hz8khTPZgkXWxqACUtxjr+lt:abJJSkhLZgkXgrw

Score

10^/10

Malware Config

Extracted

Family

redline

C2

141.94.188.139:43059

Attributes

auth_value
e6fd07a033474b6535552b6f7bfb4f97

Targets

- Target
  
  JaffaCakes118_ec50c85d37d291df09c7228df769d588
- Size
  
  148KB
- MD5
  
  ec50c85d37d291df09c7228df769d588
- SHA1
  
  a6654afad46ca3ea3d74e7f6d12e8efe6fba9f40
- SHA256
  
  a8c60976592766c80a98b11dd7dbcd18570aa225051a60029d542f47cd2b12b8
- SHA512
  
  1a9d0dd2646ef6f7a2f334cc89dd397441d0244192af452469aa8985971c0867484d5807e29c6b60632110c8924eec2670ee18176b4e460f4bee28d907090b96
- SSDEEP
  
  3072:NKZAmnuW1vs875/Hz8khTPZgkXWxqACUtxjr+lt:abJJSkhLZgkXgrw
Score

10^/10

redline sectoprat discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2