General
-
Target
98f576bf9c2b7f7cc2f174d5f4793f0faecf424ba89e6c3ef97fb40deec0e575
-
Size
95KB
-
Sample
240926-2p7b4ssaqm
-
MD5
14bd964c6e45ac40d474f56d03cb98ce
-
SHA1
69293148466e1e9701829382a0d60dbab8c7e34c
-
SHA256
98f576bf9c2b7f7cc2f174d5f4793f0faecf424ba89e6c3ef97fb40deec0e575
-
SHA512
70eef9d6b8b35aaea37fc5517b0af3b04def62695f1d5026ec1453d222663181bfd067d752b82961447bf9128424a75ba94229810be612f0dd86a4ad8273b983
-
SSDEEP
1536:iqs+NqBUlbG6jejoigIk43Ywzi0Zb78ivombfexv0ujXyyed2ptmulgS6p4:AuCMYk+zi0ZbYe1g0ujyzdp4
Behavioral task
behavioral1
Sample
98f576bf9c2b7f7cc2f174d5f4793f0faecf424ba89e6c3ef97fb40deec0e575.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
98f576bf9c2b7f7cc2f174d5f4793f0faecf424ba89e6c3ef97fb40deec0e575.exe
Resource
win10-20240404-en
Malware Config
Extracted
redline
www.exodusmirrors.com
91.92.251.170:1334
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
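The Uninstall-key enumeration flagged above is a read, and reads are invisible to Sysmon (it records key creation, value writes and renames only). They do surface as Windows Security event 4663 once the "Audit Registry" subcategory is enabled and the Uninstall keys carry a SACL for "Query Value" and "Enumerate Subkeys". The block below is an added detection example, not part of this report or of the sandbox's own signature logic: it parses 4663 events flattened to Field=Value lines, keeps only reads under the native and WOW6432Node Uninstall keys, and alerts on any non-allowlisted process that touches a burst of distinct product subkeys. The event lines are constructed; the drop path under the user's Temp directory, the allowlist, the threshold and the product names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches the product subkey directly under either Uninstall view, e.g.
# \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\...\CurrentVersion\Uninstall\<product>
UNINSTALL_RE = re.compile(r"\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)
# Field=Value pairs; values may contain spaces, backslashes and parentheses.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")
# 4663 access names that correspond to reading a key.
READ_RIGHTS = ("Query key value", "Enumerate sub-keys")

# Assumed allowlist of processes expected to walk the Uninstall keys; tune per
# environment and keep it short, since a file name alone proves nothing.
ALLOWLIST = {r"c:\windows\system32\msiexec.exe"}


def parse_event(line):
    """Split one flattened Field=Value event line into a dict."""
    return dict(FIELD_RE.findall(line))


def uninstall_reads(lines):
    """Yield (timestamp, process, subkey) for each 4663 read of an Uninstall subkey."""
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "4663" or ev.get("ObjectType") != "Key":
            continue
        if not any(r in ev.get("Accesses", "") for r in READ_RIGHTS):
            continue
        m = UNINSTALL_RE.search(ev.get("ObjectName", ""))
        if m:
            yield datetime.fromisoformat(ev["Time"]), ev["ProcessName"], m.group(1)


def detect_enumeration(lines, threshold=5, window_seconds=10):
    """Return {process: n} for every non-allowlisted process that reads at
    least `threshold` distinct Uninstall subkeys within some window of
    `window_seconds`; n is the largest such distinct count seen."""
    window = timedelta(seconds=window_seconds)
    by_proc = defaultdict(list)
    for ts, proc, subkey in uninstall_reads(lines):
        if proc.lower() not in ALLOWLIST:
            by_proc[proc].append((ts, subkey))
    alerts = {}
    for proc, reads in by_proc.items():
        reads.sort()
        best = 0
        for i, (start, _) in enumerate(reads):
            distinct = {k for ts, k in reads[i:] if ts - start <= window}
            best = max(best, len(distinct))
        if best >= threshold:
            alerts[proc] = best
    return alerts


# --- constructed sample events (not real telemetry) --------------------------
SAMPLE_PATH = (r"C:\Users\victim\AppData\Local\Temp"
               r"\98f576bf9c2b7f7cc2f174d5f4793f0faecf424ba89e6c3ef97fb40deec0e575.exe")  # assumed drop path
INSTALLER = r"C:\Windows\System32\msiexec.exe"
UPDATER = r"C:\Program Files\SomeVendor\updater.exe"  # hypothetical benign updater
HIVE64 = r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
HIVE32 = r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
PRODUCTS = ["7-Zip", "Google Chrome", "Mozilla Firefox 115.0 (x64 en-US)",
            "Notepad++", "Adobe Acrobat Reader", "VLC media player"]


def event(time, proc, key, access="Query key value"):
    """Render one 4663 event in the flattened form the parser expects."""
    return (f"Time={time} EventID=4663 ObjectType=Key ProcessName={proc} "
            f"ObjectName={key} Accesses={access}")


SAMPLE_EVENTS = (
    # the sample walks both the native and WOW6432Node views within two seconds
    [event(f"2024-09-26T14:02:{10 + i // 2}", SAMPLE_PATH,
           (HIVE64 if i < 3 else HIVE32) + "\\" + p) for i, p in enumerate(PRODUCTS)]
    # msiexec reading the same keys during an install: allowlisted
    + [event("2024-09-26T14:03:00", INSTALLER, HIVE64 + "\\" + p) for p in PRODUCTS]
    # an updater checking only its own entry, twice: under threshold
    + [event("2024-09-26T14:05:00", UPDATER, HIVE64 + r"\SomeVendor App"),
       event("2024-09-26T14:05:01", UPDATER, HIVE64 + r"\SomeVendor App")]
    # a write elsewhere under CurrentVersion must not count as an Uninstall read
    + [event("2024-09-26T14:02:10", SAMPLE_PATH,
             r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
             "Set key value")]
)

if __name__ == "__main__":
    for proc, n in detect_enumeration(SAMPLE_EVENTS).items():
        print(f"ALERT: {proc} read {n} distinct Uninstall subkeys")
```

Two operational caveats: 4663 is a high-volume event, so scope the SACL to the two Uninstall keys rather than the whole hive, and count distinct subkeys rather than raw events, otherwise a single product's installer polling its own entry trips the rule. The burst window matters as well: a stealer walks the list in a fraction of a second, while legitimate inventory agents usually spread reads out, so a short window with a modest threshold separates the two better than a high threshold alone.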