General
-
Target
fcffb79daaf59af9b778cdce968f98c6bd7f37ad34c8f01643d49fc9c3f14c12
-
Size
43KB
-
Sample
240419-wyzqqsbg88
-
MD5
12edc0eebfebda4a7bcb5d60642635a6
-
SHA1
f2423d00b06a7ebaf0194deee51d717faeeeb011
-
SHA256
fcffb79daaf59af9b778cdce968f98c6bd7f37ad34c8f01643d49fc9c3f14c12
-
SHA512
d5724db407a0c085bb821d264cf3cdb363c1df4e024fa2b5112cc8a576131618e3d32e31bafee415c922c930e26fad54e87e22616d87fe7183885a38675e34df
-
SSDEEP
768:BlwT5R5abn0TctXqfNmmJMYvZrR0HC95nubJevwGQGMajmORH9GkS7o+v65DM1s2:eD50nlJqzMYdKHxsWGMWRA7fMA1CT6P
Behavioral task
behavioral1
Sample
296ba6cda5de53df58f72f9293894d5f5c5354c93d8910e3cd7b39ce0fe7f4b3.exe
Resource
win7-20240215-en
Malware Config
Extracted
redline
cheat
0.tcp.in.ngrok.io:17232
Targets
-
Target
296ba6cda5de53df58f72f9293894d5f5c5354c93d8910e3cd7b39ce0fe7f4b3
-
Size
95KB
-
MD5
22167af6daccaf46331d575bcd8533df
-
SHA1
49140a09dffb087fa7228a0d69ad0b919f57bdb5
-
SHA256
296ba6cda5de53df58f72f9293894d5f5c5354c93d8910e3cd7b39ce0fe7f4b3
-
SHA512
3b56313c9ce1230d5e0445d9a839b2a65c566399e433d6b355d1bc918055d40f5e8e88ee7e6bb9492198753782b6200edead785ec5478a9e9906efb079e7bfac
-
SSDEEP
1536:Fqsgaq+A/lbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2g3teulgS6pQl:DfZeYP+zi0ZbYe1g0ujyzdeQ
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Legitimate hosting services abused for malware hosting/C2