General
Target: Magtek-I380 MAGNETIC CREDIT CARDS2021.exe
Size: 18.3MB
Sample: 240107-qjrhxsgbdp
MD5: fbde172b90ea19acabf815e3c433edaa
SHA1: 91a4cf027936cc663104b30535f00536cabb72cc
SHA256: 14d7d6125f2bce6ecb7ecc0f20f47562f4aab1da54bc35e2718b942646e7aecc
SHA512: bb4390616844ffca2c33cf47494bdbfd83010b30fe612f549c9d49c4b01ecb143f2607038639bfc0ca124068fa09d143964f53f634e09c56a8c64f58ed20b339
SSDEEP: 393216:wXxhXM/bH/2hCOeW9paqMbfIHd183HOpj6l8+i8bEoQZ/85ABvyWfhXTR:wBhgbHQCO/w7IHd18XOpj6l8N8b5QZ/R
Static task: static1
Behavioral task: behavioral1
Sample: Magtek-I380 MAGNETIC CREDIT CARDS2021.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Magtek-I380 MAGNETIC CREDIT CARDS2021.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted: redline
Botnet: black
C2: 213.136.85.189:51682
Targets
Target: Magtek-I380 MAGNETIC CREDIT CARDS2021.exe
Size: 18.3MB
MD5: fbde172b90ea19acabf815e3c433edaa
SHA1: 91a4cf027936cc663104b30535f00536cabb72cc
SHA256: 14d7d6125f2bce6ecb7ecc0f20f47562f4aab1da54bc35e2718b942646e7aecc
SHA512: bb4390616844ffca2c33cf47494bdbfd83010b30fe612f549c9d49c4b01ecb143f2607038639bfc0ca124068fa09d143964f53f634e09c56a8c64f58ed20b339
SSDEEP: 393216:wXxhXM/bH/2hCOeW9paqMbfIHd183HOpj6l8+i8bEoQZ/85ABvyWfhXTR:wBhgbHQCO/w7IHd18XOpj6l8N8b5QZ/R
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
RedLine payload
SectopRAT payload
Executes dropped EXE