General
Target: 3FEAE453D474140F7DE8FD150226F3A892083C74D5CFA.exe
Size: 95KB
Sample: 230206-t9y78seh72
MD5: 5a5346678e26c7e1870d66705bc9bbb8
SHA1: caac1c81e8d33761edfba8712402e7ba9b223c95
SHA256: 3feae453d474140f7de8fd150226f3a892083c74d5cfa760cae6bb4751375683
SHA512: cb3635edb95190b678a977ad3e11e5d99eb5605b2d935b48be88638750d328801a5c728a0d41ee760a5bd807ff88dda5560ecb5d4f6dc839712ac64ce948e176
SSDEEP: 1536:Vqsm5qeUlbG6jejoigI843Ywzi0Zb78ivombfexv0ujXyyed2b3tmulgS6pA:TKlMY8+zi0ZbYe1g0ujyzdDA
Behavioral task: behavioral1
Sample: 3FEAE453D474140F7DE8FD150226F3A892083C74D5CFA.exe
Resource: win7-20221111-en
Malware Config
Extracted
Family: redline
Botnet: cheat
C2: design-invited.at.ply.gg:23426
The C2 hostname sits under at.ply.gg, the playit.gg tunnelling service, so it resolves to a tunnel relay rather than to the operator's own host; detection and blocking should key on the hostname and port rather than on whatever IP it resolves to at analysis time.
Targets
Target: 3FEAE453D474140F7DE8FD150226F3A892083C74D5CFA.exe (95KB; hashes as listed under General above)
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
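The report gives a responder two things to act on: the file hashes and C2 under General / Malware Config, and the behaviour described by the "Checks installed software" signature. The following Python is an added example, not part of the sandbox report, showing how both turn into offline checks: a hash comparison against the report's digests, and a small classifier over host telemetry that flags the Uninstall-key enumeration and the C2 contact. The event records are constructed to resemble Sysmon registry (event ID 12/13) and network-connection (event ID 3) events; the field names, the process path, and the enumeration threshold of three keys are assumptions, not data from the report.

```python
"""Offline checks derived from the sandbox report above.

Added example: hashes and C2 are copied from the report; every event below
is constructed to look like Sysmon telemetry and is not a real log export.
"""
import hashlib
import re
from dataclasses import dataclass

# Digests copied from the report (SHA512 omitted here only for line length).
REPORT_HASHES = {
    "md5": "5a5346678e26c7e1870d66705bc9bbb8",
    "sha1": "caac1c81e8d33761edfba8712402e7ba9b223c95",
    "sha256": "3feae453d474140f7de8fd150226f3a892083c74d5cfa760cae6bb4751375683",
}
# C2 from the extracted config; match on hostname, not resolved IP (tunnel relay).
C2_HOST, C2_PORT = "design-invited.at.ply.gg", 23426

# Matches the Uninstall key itself or any subkey/value beneath it, under both
# the native and the Wow6432Node hive paths (the regex is unanchored on the left).
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE
)
ENUM_THRESHOLD = 3  # assumption: a single lookup is common for legitimate installers


def hashes_match(data: bytes) -> dict:
    """Compare a file's digests with the report; one bool per algorithm."""
    return {alg: hashlib.new(alg, data).hexdigest() == h for alg, h in REPORT_HASHES.items()}


@dataclass
class Event:
    """Minimal stand-in for a Sysmon event (assumed field names)."""
    event_id: int
    image: str
    target: str = ""      # registry TargetObject for EID 12/13
    dest_host: str = ""   # DestinationHostname for EID 3
    dest_port: int = 0


def classify(events):
    """Return (image, finding) pairs mapping events to the report's signatures."""
    findings = []
    uninstall_hits = {}
    for ev in events:
        if ev.event_id in (12, 13) and UNINSTALL_KEY_RE.search(ev.target):
            uninstall_hits[ev.image] = uninstall_hits.get(ev.image, 0) + 1
        elif ev.event_id == 3 and ev.dest_host.lower() == C2_HOST and ev.dest_port == C2_PORT:
            findings.append((ev.image, "RedLine C2 contact"))
    for image, n in uninstall_hits.items():
        if n >= ENUM_THRESHOLD:
            findings.append((image, "Checks installed software (Uninstall key enumeration)"))
    return findings


# Constructed sample telemetry: a benign installer touching one Uninstall entry,
# the sample walking several entries, then the sample connecting to the C2.
SAMPLE_IMAGE = r"C:\Users\user\Desktop\3FEAE453D474140F7DE8FD150226F3A892083C74D5CFA.exe"
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_EVENTS = [
    Event(13, r"C:\Windows\System32\msiexec.exe",
          target=UNINSTALL + r"\{00000000-0000-0000-0000-000000000000}\DisplayName"),
    Event(12, SAMPLE_IMAGE, target=UNINSTALL),
    Event(13, SAMPLE_IMAGE, target=UNINSTALL + r"\7-Zip\DisplayName"),
    Event(13, SAMPLE_IMAGE, target=UNINSTALL + r"\Google Chrome\DisplayName"),
    Event(13, SAMPLE_IMAGE, target=UNINSTALL + r"\Notepad++\DisplayVersion"),
    Event(3, SAMPLE_IMAGE, dest_host="design-invited.at.ply.gg", dest_port=23426),
    Event(3, r"C:\Windows\System32\svchost.exe", dest_host="ctldl.windowsupdate.com", dest_port=80),
]

if __name__ == "__main__":
    for image, finding in classify(SAMPLE_EVENTS):
        print(f"{finding}: {image}")
```

Run against real Sysmon exports, map the constructed fields onto `Image`, `TargetObject`, `DestinationHostname` and `DestinationPort`; the threshold keeps a single installer lookup from firing, while a walk over several Uninstall entries by one process reproduces the report's software-enumeration signature.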