General
Target: 13B9619F45569BC734D79CF8A412AD08.exe
Size: 95KB
Sample: 240717-s7l98a1bje
MD5: 13b9619f45569bc734d79cf8a412ad08
SHA1: 8e8894286ff8bacc85bb8cc53a258d8753208011
SHA256: 537a5c269f9e9f5800a0b21d17d07a23bf81dcd90abe8145892820baf6d5f502
SHA512: 3f537deb8d93e73fe6c4f5c714b3a408c374e49a2f7d9772edd60aa15234491fb43280306d9e052e092cc0c88a77edb402fa64ad324e0ea9caddc49328cad2e3
SSDEEP: 1536:5qsCOqJGlbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed2vteulgS6p8l:X1uOYj+zi0ZbYe1g0ujyzdL8
Behavioral task: behavioral1
Sample: 13B9619F45569BC734D79CF8A412AD08.exe
Resource: win7-20240708-en
Malware Config
Extracted: redline
10 aad
172.245.106.43:28053
Targets
Target: 13B9619F45569BC734D79CF8A412AD08.exe (95KB; hashes identical to those listed under General)
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.