Overview

overview

10

Static

static

3

_@Delony_l...ed.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    _@Delony_lolz_protected.exe

  • Size

    1.1MB

  • Sample

    250516-1fslxshn8x

  • MD5

    b60e3150e5b049779cdaf69dfd3ffdb8

  • SHA1

    2efb9f045f0b5e82d63f42a356b1d585f905000f

  • SHA256

    66b48fe61af47810ef3056bcad8fda591320905733f85c6fc6a2e457e892085f

  • SHA512

    ac090144287af43af15c4df8ac39f01424d3466d7635c6fd0c852a171a8362218e23c748cc317f12d3a2342399b956dcc52eb4e02fbabb294d7e48d7efcc6fc4

  • SSDEEP

    24576:TUferHg9IfWwt4k1/mWxUOX4ocBoQbGtYFKS236AL+:IQAmRB1/mWmOX4OdifrM+

Score
10/10
redlinesectoprat@delony_lolzdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

@Delony_lolz

C2

95.216.43.58:40566

Targets

    • Target

      _@Delony_lolz_protected.exe

    • Size

      1.1MB

    • MD5

      b60e3150e5b049779cdaf69dfd3ffdb8

    • SHA1

      2efb9f045f0b5e82d63f42a356b1d585f905000f

    • SHA256

      66b48fe61af47810ef3056bcad8fda591320905733f85c6fc6a2e457e892085f

    • SHA512

      ac090144287af43af15c4df8ac39f01424d3466d7635c6fd0c852a171a8362218e23c748cc317f12d3a2342399b956dcc52eb4e02fbabb294d7e48d7efcc6fc4

    • SSDEEP

      24576:TUferHg9IfWwt4k1/mWxUOX4ocBoQbGtYFKS236AL+:IQAmRB1/mWmOX4OdifrM+

    Score
    10/10
    redlinesectoprat@delony_lolzdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks

OSZAR »