General
Target: AC5F78EB678258499CF14F06E7C3C20A.exe
Size: 95KB
Sample: 240501-wcavgscd9t
MD5: ac5f78eb678258499cf14f06e7c3c20a
SHA1: ae158c6e81bd36714b27697ca6537284f25964b4
SHA256: 37b47855b6e7dac7af7fa051c819199018f8fd06040054bb1c8cdaad64887c40
SHA512: 884d8983c815342322efde132b9ae25547c8b87ee00205106e3d2c77d999259dd27036543147103c3ef3332ac293769e62ac72fc7cb1186fd562eda4288776f5
SSDEEP: 1536:9qs+XqrzWBlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2t33tmulgS6pY:r0gzWHY3+zi0ZbYe1g0ujyzddY

Behavioral task
behavioral1
Sample: AC5F78EB678258499CF14F06E7C3C20A.exe
Resource: win7-20240221-en

Malware Config
Extracted
Family: redline
Botnet: cheat
C2: 54.39.249.56:61562

Targets
Target: AC5F78EB678258499CF14F06E7C3C20A.exe
Size: 95KB
MD5: ac5f78eb678258499cf14f06e7c3c20a
SHA1: ae158c6e81bd36714b27697ca6537284f25964b4
SHA256: 37b47855b6e7dac7af7fa051c819199018f8fd06040054bb1c8cdaad64887c40
SHA512: 884d8983c815342322efde132b9ae25547c8b87ee00205106e3d2c77d999259dd27036543147103c3ef3332ac293769e62ac72fc7cb1186fd562eda4288776f5
SSDEEP: 1536:9qs+XqrzWBlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2t33tmulgS6pY:r0gzWHY3+zi0ZbYe1g0ujyzddY

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.