General
-
Target
B57E056B84E61201EABDEE40479C4DF7.exe
-
Size
95KB
-
Sample
240717-c6dnpavfpb
-
MD5
b57e056b84e61201eabdee40479c4df7
-
SHA1
7d2b0cfe3a5d32456bb4231d119f85946a4564c2
-
SHA256
57d694966323494bdfac7508932238e592921ead41ccb157bece465726aa11ef
-
SHA512
931c9c1dee80df527682e3ce2617b5df2c0f0584e62b62a10b1f18a9d9472e8115bdd4d9466604ae247be0ab1ee60d0ca19a364ab34139f9a587aa4c471419c3
-
SSDEEP
1536:1qsklqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2KteulgS6pg:zEReY/+zi0ZbYe1g0ujyzdKg
Behavioral task
behavioral1
Sample
B57E056B84E61201EABDEE40479C4DF7.exe
Resource
win7-20240708-en
Malware Config
Extracted
redline
Xby
2.58.56.193:49958
Targets
-
-
Target
B57E056B84E61201EABDEE40479C4DF7.exe
-
Size
95KB
-
MD5
b57e056b84e61201eabdee40479c4df7
-
SHA1
7d2b0cfe3a5d32456bb4231d119f85946a4564c2
-
SHA256
57d694966323494bdfac7508932238e592921ead41ccb157bece465726aa11ef
-
SHA512
931c9c1dee80df527682e3ce2617b5df2c0f0584e62b62a10b1f18a9d9472e8115bdd4d9466604ae247be0ab1ee60d0ca19a364ab34139f9a587aa4c471419c3
-
SSDEEP
1536:1qsklqWWlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2KteulgS6pg:zEReY/+zi0ZbYe1g0ujyzdKg
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-