General
-
Target
e82271a73dc99c82d12a9dc6d98212ed0d742f0637f69e721bf434b94c1a432e
-
Size
43KB
-
Sample
240419-v8x48aah86
-
MD5
070a27cd03c36642906ec7ca0c74bf8a
-
SHA1
d0cc2862911dfc2ccec248c71d7b152938ca3d09
-
SHA256
e82271a73dc99c82d12a9dc6d98212ed0d742f0637f69e721bf434b94c1a432e
-
SHA512
f604f8f17628b2e4a70295811bf8afd72973ed64f5980ae0c80525aefda24ed445fd6ba1ea318f88c886cf3461a22e74a75d6cedd2bcb9784e742903e760a236
-
SSDEEP
768:VZpCiDp+jeZxyoS2OtTv/K1pgLG2zPq/Izc5w2o8iip00hM853hIhcRJiw:30jYEL5yfgnPq/IzcToilzHIaOw
Behavioral task
behavioral1
Sample
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c.exe
Resource
win7-20240215-en
Malware Config
Extracted
redline
tg
163.5.112.53:51523
Targets
-
-
Target
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c.exe
-
Size
95KB
-
MD5
184ac479b3a878e9ac5535770ca34a2b
-
SHA1
1f99039911cc2cfd1a62ce348429ddd0f4435a60
-
SHA256
8e28a0090832a76cf71c417cb1bf7990b9af86be258b732117a47f624387083c
-
SHA512
e0f5185ae890b902ea5325066df23959106712e7990e120a1b9752bbd0331cac968af5ddd6092f75a1c576d4c83f4093dfbf53a2c90870d1c02b31a0e8282bb4
-
SSDEEP
1536:1qs+lqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2HteulgS6pg:zCReY/+zi0ZbYe1g0ujyzdDg
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-