General
-
Target
c4645840f0dde746aa0c49ae17ff29da423fa6e409a8ecb1eeaaddf6f7c6ebe0
-
Size
43KB
-
Sample
240419-v8sjqsbg2v
-
MD5
fa5af34f56151ce341ac8782429e7501
-
SHA1
6acc42b1a8d5ddc150ad44bf952ed55fd837c72f
-
SHA256
c4645840f0dde746aa0c49ae17ff29da423fa6e409a8ecb1eeaaddf6f7c6ebe0
-
SHA512
0fec00331bea2cd40a332900a76b46c2fa37fbb459bf2912eea96c6bb60d0dd926ad496e722b41762ab06423c18958a947d97db005293faf6ae3a6a897ed93e6
-
SSDEEP
768:KW0XabBAC8oohQcUdfB6dYfKxD+1K9wgS37bydetOBPmYWuS+iivI:KW0aN8VUdfMaf29wxbydKOdmCSjqI
Behavioral task
behavioral1
Sample
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
cheat
0.tcp.eu.ngrok.io:18950
Targets
-
-
Target
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e.exe
-
Size
95KB
-
MD5
7a8ecbc488543dd3ce6cfe5ba9d5cd8b
-
SHA1
87031bf7d870ffb4a6bec6e44a38045834017b50
-
SHA256
5ecf0dade29bc4365035554275d07a72b112d0b6bc7487cef6a1c40ed50ea28e
-
SHA512
e6f9080c58f1f10fdcedb23e4efd525ad4a40573c0f69f65d8ec3f6e5de45544bd8b5b96ad6603e1b291eb6697b3ed03cd4265d9249ffe90fcc22ef977f95eef
-
SSDEEP
1536:Fqsgaq+A/lbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2/3teulgS6pQl:DfZeYP+zi0ZbYe1g0ujyzdjQ
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Legitimate hosting services abused for malware hosting/C2
-