redline

General

Target

JaffaCakes118_f727ab2b71da1888a36e7b8c96435dba
Size

391KB
Sample

250111-e7wl1atqew
MD5

f727ab2b71da1888a36e7b8c96435dba
SHA1

c500cbd6febb1d19d9ec508ccca8905e1df3a7f0
SHA256

a08e72cad305da9fb926e1e4f3c702a3ad0aa643405e5c31d24f87f6794a116f
SHA512

3bbaf7b77530186e139da3707daac43a09cb8cacf778446984226f28bddfde99d94db4c99da7399e7403b2fbb8df12f01f05e7f91c3ea6378158abf9eb7cf620
SSDEEP

6144:4oHfBdG/bfcXUinR9f/c3BTPVoEZ+odsMh7ggNN7A2R90QFTXrSGSvXhS:PTGTcXUIEtPGDod/UgNN7PRfFTXrc

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

nadya80proc

C2

87.251.71.82:80

Attributes

auth_value
c8dfc48676bc6ea0339d1bb1be8a0f02

Targets

- Target
  
  JaffaCakes118_f727ab2b71da1888a36e7b8c96435dba
- Size
  
  391KB
- MD5
  
  f727ab2b71da1888a36e7b8c96435dba
- SHA1
  
  c500cbd6febb1d19d9ec508ccca8905e1df3a7f0
- SHA256
  
  a08e72cad305da9fb926e1e4f3c702a3ad0aa643405e5c31d24f87f6794a116f
- SHA512
  
  3bbaf7b77530186e139da3707daac43a09cb8cacf778446984226f28bddfde99d94db4c99da7399e7403b2fbb8df12f01f05e7f91c3ea6378158abf9eb7cf620
- SSDEEP
  
  6144:4oHfBdG/bfcXUinR9f/c3BTPVoEZ+odsMh7ggNN7A2R90QFTXrSGSvXhS:PTGTcXUIEtPGDod/UgNN7PRfFTXrc
Score

10^/10

redline sectoprat nadya80proc discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2