redline

General

Target

5badbcf20958be5af2093ee1fd9e4f6e11086e7f3ac1734b63a2e119d43274ec
Size

1003KB
Sample

250113-mnl78a1nhr
MD5

f2c407941b934b1ea9d2765a4d961f4b
SHA1

2e708a7499a8656bed9e2615ebd4190134b37448
SHA256

5badbcf20958be5af2093ee1fd9e4f6e11086e7f3ac1734b63a2e119d43274ec
SHA512

46dd2408647995155272ce7c73e35f6d0cd54a69d0211bc2f8b15c308c9e3edc4cd6ffb2c8ea05733d908147a7e0355eafb1850be8732b2e3503afe36f84370e
SSDEEP

24576:2dLCjPY+3Ws51pAPT+0hu1vyjJbaRx0e+4:2G1pA7+0hu1vykRJ+4

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

TEST

C2

193.56.146.78:54955

Targets

- Target
  
  5badbcf20958be5af2093ee1fd9e4f6e11086e7f3ac1734b63a2e119d43274ec
- Size
  
  1003KB
- MD5
  
  f2c407941b934b1ea9d2765a4d961f4b
- SHA1
  
  2e708a7499a8656bed9e2615ebd4190134b37448
- SHA256
  
  5badbcf20958be5af2093ee1fd9e4f6e11086e7f3ac1734b63a2e119d43274ec
- SHA512
  
  46dd2408647995155272ce7c73e35f6d0cd54a69d0211bc2f8b15c308c9e3edc4cd6ffb2c8ea05733d908147a7e0355eafb1850be8732b2e3503afe36f84370e
- SSDEEP
  
  24576:2dLCjPY+3Ws51pAPT+0hu1vyjJbaRx0e+4:2G1pA7+0hu1vykRJ+4
Score

10^/10

redline sectoprat test discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

SectopRAT

SectopRAT payload

Sectoprat family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2