General
-
Target
Exitlag Cracked 16.1v.rar
-
Size
4.2MB
-
Sample
240410-mbhz2acb49
-
MD5
451806c60f6f0c52cbb49026d4e14d89
-
SHA1
8463cb0297d3e3b9bd28713d1ed75ef4d78b887a
-
SHA256
090f2f668799ba806d6e5ec31bf7ff1fd39b7260f129f4d6a944decae0f04df9
-
SHA512
e59a94c974f32d2e275d97add0a1eac8fdf794db008f0ecd69835ff120afd93e446852849e30f1bf598c57305891cf7d536b645e91dccd01c07dfe2679465cff
-
SSDEEP
49152:uMKPSGs1uhQvK+8UU2JyWIpeHWf/j6fVThnaYvWG/W7FWmOEa4u2Q/L16JyFH7QE:JAsli2UpcWf/jcs3FVQh603pUrAeA
Static task: static1
Behavioral task: behavioral1, Sample: Exitlag Cracked 16.1v/SDL3.dll, Resource: win10v2004-20240319-en
Behavioral task: behavioral2, Sample: Exitlag Cracked 16.1v/SDL3_image.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral3, Sample: Exitlag Cracked 16.1v/SDL3_ttf.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral4, Sample: Exitlag Cracked 16.1v/Setup.exe, Resource: win10v2004-20240226-en
Behavioral task: behavioral5, Sample: Exitlag Cracked 16.1v/chormeset.dll, Resource: win10v2004-20231215-en
Behavioral task: behavioral6, Sample: Exitlag Cracked 16.1v/installed.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral7, Sample: Exitlag Cracked 16.1v/installedbrowser.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral8, Sample: Exitlag Cracked 16.1v/laungage.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral9, Sample: Exitlag Cracked 16.1v/libavcodec-58.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral10, Sample: Exitlag Cracked 16.1v/libavformat-58.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral11, Sample: Exitlag Cracked 16.1v/libavresample-4.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral12, Sample: Exitlag Cracked 16.1v/libavutil-56.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral13, Sample: Exitlag Cracked 16.1v/main.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral14, Sample: Exitlag Cracked 16.1v/openvr_api.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral15, Sample: Exitlag Cracked 16.1v/uninstall.dll, Resource: win10v2004-20240226-en
Malware Config
Extracted
redline
@Ebursteamss
45.15.156.167:80
Targets
Target
Exitlag Cracked 16.1v/SDL3.dll
-
Size
1.5MB
-
MD5
cfb1a1c99e10399cd70805f83a9f2552
-
SHA1
748b6064b7aa0b735cef70addf6402c942e11534
-
SHA256
62f1aaa6a7608990c628c0c6c81f0b12b19e97d0fa0f2cd7a39eac859e62cd9b
-
SHA512
f016f76d21184a935e70fd4dbd43386549d4d99754610168ce942d20b655090fd748b2c621dfdc9ea579568a6f0cc3ca435b8ae31b38e9acdc6906d64fbfe487
-
SSDEEP
24576:GxrJww7e22SBOhtXMoqAYKKKFIrF4MFn7AAuqND68ZKX/GgmNU39VBCARkbsAiJo:GBrF4MHuqRDZKX/5Ws9pAiJDml
Score 1/10

Target
Exitlag Cracked 16.1v/SDL3_image.dll
-
Size
232KB
-
MD5
72e5436ce413c4132c99ad49d1c5434e
-
SHA1
a8643fcb3a85aa0bf2eaa3f67e055c48afa69636
-
SHA256
fe0d82bfbac24f278168c385dad90e75d85aae9ff1fd8e54f7a2b908f13e78d7
-
SHA512
a726b504ff931260a548d85ebd81b365d0bfc7767eddcd7d909cae3428d114bf8813c57caff248e81fa1a95c3a7d7ef04408e653c45fca4fc6127dd21cbc43a0
-
SSDEEP
3072:E+BlPPr46x1qZgG6OZRvpSzoA7PCd7r3thtCvmOnL0/iDfsKKb4gM/D1btqNnrGO:3lAMCd7rTtCvJLTDDKDM/DDhg
Score 3/10

Target
Exitlag Cracked 16.1v/SDL3_ttf.dll
-
Size
1.6MB
-
MD5
ad56b88c5165b3b6d64c3335af6ad533
-
SHA1
69ebf811c0d10841f6264a98ade06d1ab3a61f8c
-
SHA256
07803a28a527126dbfb0da580c82e99747df50297ef492829dbcb593bd78172b
-
SHA512
6448b98d3ffd3a4dfc1c5e6552f2602644506707da4dad83c5a89cedbc65101f499879339d79d111f978f2a40ab38ca0df831142d6c64f557725f085bbf2fd80
-
SSDEEP
24576:8SBXg5eeFMXqwaAeuYpZysG3hldm3nlLqDlDKZ9YGdFX6tAX:8cXgfFseuQysemUJD6YGHX6tK
Score 3/10

Target
Exitlag Cracked 16.1v/Setup.exe
-
Size
524KB
-
MD5
51572f0efb4215101e57a85710061718
-
SHA1
b16af0d8d82e578b333f192e3590c794d50e85a7
-
SHA256
5bc00e0d5b240ef921484440fdc739abfc1d478cf62e9c72a53493cec8c6f7fc
-
SHA512
8a036618c42b6237f6d2fcb56b4567c15ce0830a79bfbeeb5a4448e9e9869895263234635ec6463ef1a75931722b9d5e0160fea96f9900b434d998c56f329a5f
-
SSDEEP
6144:8zMFIEAiKeUH7Cc5vNg0XSqJ6pi10RXMk9rUNshEMoi/biylY/1Vfvab:jF1KzCcd7XyqnkWNUEMtmXab
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Target
Exitlag Cracked 16.1v/chormeset.dll
-
Size
20KB
-
MD5
7e624a0c6e7feca519bd19f2e4ea5ebe
-
SHA1
147cfe0ffeb8168c767ec16230be6409704ec823
-
SHA256
b88dca6ae123d8ade83838c356b90b24356fc48246acd64c3047ae83d2d56dee
-
SHA512
f7c6e5da328ffb7d93a9453fdfef5e5686f7048fdfcb73e38449cc08aced4cd894ad1322631012f94ccd6bd6f336967ed9b1b750e13bb5421e0f216481292620
-
SSDEEP
384:DDiuVgFfj3vV8Q4jfpwKNsgM8wah7cdAM+o/8E9VF0Nym3tNW:vVgFfj3vOD0gM8waOdAMxkEC+
Score 1/10

Target
Exitlag Cracked 16.1v/installed.dll
-
Size
20KB
-
MD5
803d0c699a91475132b8151bff25e905
-
SHA1
522eacfa36c8cfff530053169e993f59a69328cc
-
SHA256
c4f6fba8da9394e73f3d2854697794877d6e78aa403bda9a417df3ba2ea3b910
-
SHA512
2d7b8d416f306a40bf592b5aaf098859e7c95e416a6e0f5115e24d4d91d97982772482178d060d1f621715b04139dba20d1345a2527f257809a6fd8601171676
-
SSDEEP
384:ZiuKO1fTeNryM8pwKNsgM8waer9AM+o/8E9VF0Ny5Ys1r:tKO1beNr1pgM8wamAMxkE1r
Score 1/10

Target
Exitlag Cracked 16.1v/installedbrowser.dll
-
Size
20KB
-
MD5
d019e04c68e540091f0db7cea493b0f9
-
SHA1
124852e5723e8c49a870004469c129ee94ac22b2
-
SHA256
89695412eb3943140a6b5733ac0d39a9086788a4737eb5fb16d92fb2547a2460
-
SHA512
f2d9309eb67969a7b261055dbb3d33f9110fbeb2c97acdd7595f5590bad5339e6c20f667ce7ae9271d2d939a1cdc1953ca8c2abe870b1f373dfea8cce3805395
-
SSDEEP
384:/iuNqHozZ/8aDY2pwKNsgM8wacVTAM+o/8E9VF0Ny08EJ:/NqHozZ/8dTgM8waeAMxkEQ
Score 1/10

Target
Exitlag Cracked 16.1v/laungage.dll
-
Size
20KB
-
MD5
27abb916a3039c6c946c6640ac5a7131
-
SHA1
6dd46e7ca282649c7a87a926c91e44c3ef192472
-
SHA256
ad10b0aeca561db71592a9beb321ac1ca728bb12d76c6ea256d1224265cecd7d
-
SHA512
1dbfc224c33f7326f2ffea5ca8902edeae782ece92ce3c84d54d2979925990b5466854010410aa9a880e23a32c40d244837f435b3f26faaf5fc09cc171ac69fa
-
SSDEEP
384:fiu95UReU8XegbuCdH2pwKNsgM8waj/0pAM+o/8E9VF0NyJlA4:f95UReU8OYTgM8wawpAMxkE3
Score 1/10

Target
Exitlag Cracked 16.1v/libavcodec-58.dll
-
Size
4.9MB
-
MD5
5dd132a65a3829e2534436255112ec8b
-
SHA1
4461e0c1d4aff818882e73e31e3fbb612379da94
-
SHA256
38bb9bb273bf94c8a533a55eb6dccd57fac2420db1b00018ed2051a97dc25e80
-
SHA512
4327d6e727aa919ad41b6b8f4b37112fd3c8eb240a09c7cd104c4f8992dc1b1d153d46e636b6bd55df774bc147c1c96a23e6ad8ae09df4352668b76a35f871ca
-
SSDEEP
98304:8yCDJkaJk5SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSvSSSSSSSSSSSSSSSlwwwww1:hCDJkaJkT5mP2yDqjasxNXJpDF4zBerc
Score 1/10

Target
Exitlag Cracked 16.1v/libavformat-58.dll
-
Size
1.4MB
-
MD5
3c7bc5b6603cec694ef088bd677a672b
-
SHA1
e6de48ad68b7064b096e374fa80fcc84d845c977
-
SHA256
1639253b474d9da6e4c1fdda53a5453e76cc1dd9743ad8b3ba2b4294dd07d5e1
-
SHA512
064a06e3701cd319462d2a515c7f569e10d9783d0f3ad1df583220861acfb657262426d7d1c69d54f22276876ab16214d9e3e0f6ee8216a790c2f955ab1c0890
-
SSDEEP
24576:WAsXZWwA5rE1vKnRIpbkbKBmJsNKZYzfXMgnilD6tiyIHy9YTexjrRyhiwToH:WAspUMCRJKBAZY4oi0jrRlwT+
Score 3/10

Target
Exitlag Cracked 16.1v/libavresample-4.dll
-
Size
578KB
-
MD5
da412d5959011eb6db566908ca9c1ce8
-
SHA1
a7309698d34e6de665860317e059bb095c213e92
-
SHA256
7d3403eeaa38fbf43cd18cdf034d8ea5e271ab1fad72ce624f6aa8692d00f1e5
-
SHA512
b142c3cf6aa45645909b49d32462b04fd3a106203de6ad9b533730159006ecdee6175d56af768d1566c10472ca0bba48d75575a489ec6e5d27e237107ebe352e
-
SSDEEP
12288:Hx+1aYfcKToINMyVZBJm5QsW894V9r2UaNs1+gzPzjYWEx4E+2Yv5Nu:0FzjYMv5Nu
Score 1/10

Target
Exitlag Cracked 16.1v/libavutil-56.dll
-
Size
1.2MB
-
MD5
0372fe05da238a315df054ab788d2891
-
SHA1
0052e55424d644224fb6c17342b5bd0787aab640
-
SHA256
b7c5616f1c3ca67a8d818d33481e3497ced67dfb92e0d80cc78ecde983cc7d61
-
SHA512
821ca7fafa77edafeea72315b898cd96eb62d05f8a8376cd418818034146f5feedd5dca3fcc03ea08b244f9435f7d55a8a8e133c926207cfb254da1718cab0d7
-
SSDEEP
24576:TeNaqLQN99oBo9BmGTNWW1Ih2QQ4vROb46yk/5G1z:TeNJC9ko9BmGTEw4NGch
Score 3/10

Target
Exitlag Cracked 16.1v/main.dll
-
Size
20KB
-
MD5
fda0c08d4d8338c6f85e2aac572c2a93
-
SHA1
f199168b8f977500dc8a842d46fd8412baf2a1bd
-
SHA256
928bbb74ee0c820381d778351db50ef5787283c82ff557ff77a0351f71447784
-
SHA512
2ef4ff7020d290b493b0560487ace68ff1e214f20cffbb56ac621dd811f10667ebd6fa4fd73267e0923a0d1b8afdfd18381c20802905e0d5c48b0741dc54e14f
-
SSDEEP
384:X1iu2u6mndkt1YY1pwKNsgM8wateYAM+o/8E9VF0Nyhp0b:XZ2u6mndkjHqgM8waBAMxkE/e
Score 1/10

Target
Exitlag Cracked 16.1v/openvr_api.dll
-
Size
260KB
-
MD5
2fdfa82223228c1e9430d0bad68a8328
-
SHA1
24ce79a2588b26c33d309e3d0846ebe9010c4f45
-
SHA256
7b83ed968423ed724a8668c4126d81faf099a5fb5e457f806b3256b1caf9b596
-
SHA512
bf8590e1d89db52e59a146d62f8916e0bc418febab4dfc44da0e5e505d4fab6be3d230aed1d8c22ba0744c432a8edd2158077bd1ac0c1aaae7d4ef0702650e97
-
SSDEEP
3072:RlkrIs9euKubZCAaUh5spFPEyUjipPrsygCTsX2Dx26hVz4bS+/LKPluQiUKFYI:3Sl9zdaeT+1rBTsXb6h5tWQ2FYI
Score 1/10

Target
Exitlag Cracked 16.1v/uninstall.dll
-
Size
5KB
-
MD5
10c6434f2180b6a97711755968a18f20
-
SHA1
98c6ac59f1591effb975ca2215aa38634a55eeee
-
SHA256
2b0875133200aa106861b007f94fc78c2df112105b58bf6147cd9a892d02daf3
-
SHA512
1296bd9547086e519fd7e4cb7de9d288636d4f18bae2c2d7bfbf372fc7cd5c3f48976e9d5323c039f4e2d4a898bdaa05e6a59d8d90c478f8577668ac00784a81
-
SSDEEP
48:6zvUokweAHNLRHXZI1WAOk6srpyg8x0lEsPYkjor1Se6BfO2Uoo40w63XD8wcBwm:qMohVtLRp4F1rAIlECYHmfO23oK
Score 1/10