General
-
Target
b83faaa540ef13e08d4538798104d23e5719a0c8603d238e24b5cb05dfaa166d
-
Size
43KB
-
Sample
240419-t9wr4sad71
-
MD5
7c19cb07876ff0237882dd4f6ab96e1f
-
SHA1
045ccb1c04daecb7a3d8d8bd7c32dea0ec4be330
-
SHA256
b83faaa540ef13e08d4538798104d23e5719a0c8603d238e24b5cb05dfaa166d
-
SHA512
2b34c47cebc384879fbbbe8764353aff3e2eb6dc791f8ddf87ffee51971698de90b9f34f042501fed56d3c5d106d840d1ddfd4b41ec3bc18879959f117580ee5
-
SSDEEP
768:53eiUDGHpSHy0dEZ4mkPFRNXHn4rHkxMs4SrcW3Xg29dqMos0xr5j9T8:53ZpapdEZR2F/XlMdS/3w2W3s0x1h8
Behavioral task
behavioral1
Sample
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
cheat
0.tcp.eu.ngrok.io:18950
Targets
-
-
Target
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e.exe
-
Size
95KB
-
MD5
7a8ecbc488543dd3ce6cfe5ba9d5cd8b
-
SHA1
87031bf7d870ffb4a6bec6e44a38045834017b50
-
SHA256
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e
-
SHA512
e6f9080c58f1f10fdcedb23e4efd525ad4a40573c0f69f65d8ec3f6e5de45544bd8b5b96ad6603e1b291eb6697b3ed03cd4265d9249ffe90fcc22ef977f95eef
-
SSDEEP
1536:Fqsgaq+A/lbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2/3teulgS6pQl:DfZeYP+zi0ZbYe1g0ujyzdjQ
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Legitimate hosting services abused for malware hosting/C2
-