General
-
Target
08bbdb40c5c67df90e88a5b57762c2eee280dbf86958334621109fd61f78649d
-
Size
43KB
-
Sample
240419-v8jltsah69
-
MD5
88be3b858cead466f9c2110cb1347283
-
SHA1
746b972e14e796d79cf1ac39c2dc810ab2667139
-
SHA256
08bbdb40c5c67df90e88a5b57762c2eee280dbf86958334621109fd61f78649d
-
SHA512
c02e2ac8189cbf39068b5ae535f66153a81bb0a7134cc59a917a8dea71f80b9ca06350c28f5d08ab0f8d79deb3b2ed544a0d0fb1b4d5ea048ef310e933278aec
-
SSDEEP
768:SoiqSf84JdFClUnq7/24QiQxa3cfaB9Nh9qDeswI3PqEUF6YtkOiGxCWFjJ:SqkJHCuq7eP9gsiB9NYeJ2POF65Oi2CG
Behavioral task
behavioral1
Sample
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
tg
163.5.112.53:51523
Targets
-
-
Target
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c.exe
-
Size
95KB
-
MD5
184ac479b3a878e9ac5535770ca34a2b
-
SHA1
1f99039911cc2cfd1a62ce348429ddd0f4435a60
-
SHA256
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c
-
SHA512
e0f5185ae890b902ea5325066df23959106712e7990e120a1b9752bbd0331cac968af5ddd6092f75a1c576d4c83f4093dfbf53a2c90870d1c02b31a0e8282bb4
-
SSDEEP
1536:1qs+lqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2HteulgS6pg:zCReY/+zi0ZbYe1g0ujyzdDg
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-