General
- Target: slinkyloader.exe
- Size: 18.5MB
- Sample: 240421-s5q6dseg6s
- MD5: ffa4025c4dc66e6bd9c83697e8975e55
- SHA1: da4abcef65277ba88aec118c6309fa8529d099c3
- SHA256: da63b969039a65aa38a43a0db322d08210f5feff8dea04c86623e5c0190c4cc8
- SHA512: 9f32758585c6024af6530c9484e5c6cdd925ccb59fe7986415590dddd5d47f8bcf4f503bc66ea4bb911dbd8098c847de5a0185cc30bb57b45bc9e78c9889053a
- SSDEEP: 393216:HKRqNWNKROYkhkpXorNv+oXsDS3LNK3HOU6x0pW/lJktSrZPLAB:qANWKRrpYrNvou7NK3uU6E29dPL
Behavioral task: behavioral1
- Sample: slinkyloader.exe
- Resource: win10v2004-20240412-en

Malware Config
Extracted: redline
- cheat
- month-washer.gl.at.ply.gg:33498
Targets
- Target: slinkyloader.exe
- Size: 18.5MB
- MD5: ffa4025c4dc66e6bd9c83697e8975e55
- SHA1: da4abcef65277ba88aec118c6309fa8529d099c3
- SHA256: da63b969039a65aa38a43a0db322d08210f5feff8dea04c86623e5c0190c4cc8
- SHA512: 9f32758585c6024af6530c9484e5c6cdd925ccb59fe7986415590dddd5d47f8bcf4f503bc66ea4bb911dbd8098c847de5a0185cc30bb57b45bc9e78c9889053a
- SSDEEP: 393216:HKRqNWNKROYkhkpXorNv+oXsDS3LNK3HOU6x0pW/lJktSrZPLAB:qANWKRrpYrNvou7NK3uU6E29dPL

Signatures
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence check.
- Executes dropped EXE