General

  • Target: Path of Sparta Launcher.rar
  • Size: 10.5MB
  • Sample: 221206-wn6rasbb38
  • MD5: 562d223acfcf9e2dbdce1da1977430ca
  • SHA1: a273eb7b3e8bc0fc738f5e04ac43792ae0a99a2f
  • SHA256: 4b38723087c6655f6357525e4acf5a75106f77056913c30ee183944131b03beb
  • SHA512: fb7910c59ef8068ae3049c0fe855567f977edf84cafdc9132ba35dfe98a58900f36ef5d403290c4dd75a553614ad19607d42af33a6155dd5df9e5c01bc8ea70d
  • SSDEEP: 196608:M3CExdGWrHc85PjGy9HM7BYUotI6jx347LUmlQpAPSjveIiGFQHfQ7QsV8LUmWB5:M3CECw8sPKy9KYb2LUyQ7FQ/cYLDM/L

Malware Config

Extracted

  • Family: redline
  • Botnet: pro
  • C2: 79.137.199.206:45354
  • Attributes
    • auth_value: e20e8d1492a37ff0cfab3cd3f6c60362

Targets

    • Target: Path of Sparta Launcher/Path Of Sparta.exe
    • Size: 739.0MB
    • MD5: c23d2103301c8278aa08a4904cee9e53
    • SHA1: d4f549f9005314e1f8f27d263a4c50ee278eae80
    • SHA256: 9d91ab500bcd9d35bc1c1e241cb7a87845204efceec74ef2439c4354c1286f2a
    • SHA512: b1e61f89f1648f7d44399e9cc518fa2b5c6f5845e23d5f98620d846e0bc1244a377b402639004b8f5142a05caa0dc0133d05f4b3ea7c2cc3e8b67100f6fd371d
    • SSDEEP: 98304:y+W2tgj7eiP1+bzgJyM4sYXCl6fMX2hs/4Tq9KLz63gE:yStgmq1og8AkC4fMlQE
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6