General
-
Target
GhostRat.zip
-
Size
519.2MB
-
Sample
240229-w4zb6ahe45
-
MD5
053313b5bcade5af41229397b5eaa696
-
SHA1
a5ff75290f50455e8ec839dec6fd8c1cade417c8
-
SHA256
c64dacc0f9d08f1d2eef9a299b99658351a68112584590e25521df796b63c9c3
-
SHA512
57e291667ac6cb1b29b5542db47b9289d209dca88ea63bf548c13de5ef9442c60bd63653f5ff10a8abcff09fd948352e0222762801d30e5d53c30172b62d41a2
-
SSDEEP
12582912:iriTSjybeUc1q+zC7sHlxg6+vPA6uRrVJ:inUV+m7ulxg6+nA6u3
Behavioral task
behavioral1
Sample
GhostRat.zip
Resource
win11-20240221-en
Malware Config
Extracted
redline
cheat
138.2.103.61:19345
Targets
Target
GhostRat.zip
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-