General
Target: ef3e28dd598d3d3fd0f6b84e0e1d7969
Size: 385KB
Sample: 231220-vf2lyahcbp
MD5: ef3e28dd598d3d3fd0f6b84e0e1d7969
SHA1: b463d95a7c6922c2da3a8fa1cb255bc4ea8c814f
SHA256: 423bc6d9cacc63994dd147ba2510d34107b3755378cdc20cbf07d972ee4ce0eb
SHA512: 8b74720a9459fbac60c454420419a39ab7c4d9698dd91fe4d4e6353be74210a115ffdda3f8b52067ff23059c2689ce250ebb816fa5e5ecb591d8f42720fc6ea3
SSDEEP: 6144:M1CT3Ns4nFyKkU9HmRcVPDOvISTnvxyiezLdU/Pvrbx4:M10DnAUdmRcZDOgYnvGzLy/P2
Static task: static1
Behavioral task: behavioral1
Sample: ef3e28dd598d3d3fd0f6b84e0e1d7969.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
usamoney
45.142.215.47:27643
auth_value: 9491a1c5e11eb6097e68a4fa8627fda8
Targets
Target: ef3e28dd598d3d3fd0f6b84e0e1d7969
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload