General
-
Target
a1fd6d8d1c89f7ff74a36a409e31efffcbfe34bb13e9169524e3529a598254b7
-
Size
43KB
-
Sample
240419-t5lfkshd33
-
MD5
985439a6f909c44c71bd9ddf49017d63
-
SHA1
16e1c711d26f2fd73947465e85cac2b9e038faf1
-
SHA256
a1fd6d8d1c89f7ff74a36a409e31efffcbfe34bb13e9169524e3529a598254b7
-
SHA512
b52f95366a398a1a0872d9f57ac55308da46cd49d8c572d4962a4b276a0ad028d71b382f67dcb9b05bbd50932ad16fd70efa9dde45cfd5487ca39634d37e0219
-
SSDEEP
768:zQryGvYXH3yi/qnmfzsh3IXd5hxcnC6xjnFAUmxVn+lcSD4wkTiSxAg3e:UrvvYXCFmrsh32d+1jFAUWOD47TfAgu
Behavioral task
behavioral1
Sample
80488bf5f30ea2398ff207b9045a0e230aff2d052ea56156a0e96b57784dc0e5.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
cheat
0.tcp.in.ngrok.io:17383
Targets
-
-
Target
80488bf5f30ea2398ff207b9045a0e230aff2d052ea56156a0e96b57784dc0e5.exe
-
Size
95KB
-
MD5
117eef8a227e6ce3646718d0ed6fb7b1
-
SHA1
db6e21bf637604aa0be4f73142a1b7447cc83553
-
SHA256
80488bf5f30ea2398ff207b9045a0e230aff2d052ea56156a0e96b57784dc0e5
-
SHA512
b889b1b965251c74776d3f8981f042f6364157d3c3049e59ad3fbd12dc5d95b938db37870b2bb0de6781e7ee48c0a6cf80318b31b60b6df2be96241a34d478a1
-
SSDEEP
1536:Fqsgaq+A/lbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2z3teulgS6pQl:DfZeYP+zi0ZbYe1g0ujyzdfQ
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Legitimate hosting services abused for malware hosting/C2
-