redline

General

Target

JaffaCakes118_f8b50e634b0ce5e325606915748cda22
Size

406KB
Sample

250111-ghwxksxkhz
MD5

f8b50e634b0ce5e325606915748cda22
SHA1

15f4765907e9a36949db7e08161c64b5656d97ad
SHA256

d89c4c5aa03a1862a4b9e2affcde9e86b1a36f639c8bb08031a73d292994edb6
SHA512

eb9fb637d4d79e78fe4f336d9b6f005f98554ab87adec740385fb9cb9099ef79406cc45cf5e44dedcc0ca7971ce81693f8cb51d8ca6810e04363919e4b19ee66
SSDEEP

12288:d/oGajKnUvrBJ8pV0R9rIdbaf6phjCm16L:dLUTH8IRZf6phi

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Attributes

auth_value
a272f3a2850ec3dccdaed97234b7c40e

Targets

- Target
  
  JaffaCakes118_f8b50e634b0ce5e325606915748cda22
- Size
  
  406KB
- MD5
  
  f8b50e634b0ce5e325606915748cda22
- SHA1
  
  15f4765907e9a36949db7e08161c64b5656d97ad
- SHA256
  
  d89c4c5aa03a1862a4b9e2affcde9e86b1a36f639c8bb08031a73d292994edb6
- SHA512
  
  eb9fb637d4d79e78fe4f336d9b6f005f98554ab87adec740385fb9cb9099ef79406cc45cf5e44dedcc0ca7971ce81693f8cb51d8ca6810e04363919e4b19ee66
- SSDEEP
  
  12288:d/oGajKnUvrBJ8pV0R9rIdbaf6phjCm16L:dLUTH8IRZf6phi
Score

10^/10

redline sectoprat uts discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2