General

Target: 74a068c9288eefa74c10fb0dc4020e4c.exe
Size: 95KB
Sample: 230320-pff3cafd9z
MD5: 74a068c9288eefa74c10fb0dc4020e4c
SHA1: 0dd90a53e31a81f7b29b12eadb15c23d83e2f514
SHA256: 69e1727ccf15f0931431e60537109301c7ce268d310baaa40fb0db52d69b7024
SHA512: 3f129e5735ab68941d10eea09dc2384d94942fd1c88e0722fe429eaaebf2d9dc4e9ea7459efb7db28a7e41af48b9270549c04626c48e5fe4cfd6661edd7a84e1
SSDEEP: 1536:1qswlqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2r3teulgS6pg:zgReY/+zi0ZbYe1g0ujyzdng
Behavioral task: behavioral1
Sample: 74a068c9288eefa74c10fb0dc4020e4c.exe
Resource: win7-20230220-en
Malware Config
Extracted
redline
cheat
15.204.4.7:4848
Targets

Target: 74a068c9288eefa74c10fb0dc4020e4c.exe
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.