General
-
Target
0846ca161974e42e8d868a891eebd2da5f3ea9931cadce361fe74f3d00b4b1a0
-
Size
385KB
-
Sample
241109-ah6cpawjaj
-
MD5
47ab069d36052cce74306a4d4b4c13ba
-
SHA1
d0dc9fc98c2a1550930ee5607b4a3aef59fecf43
-
SHA256
0846ca161974e42e8d868a891eebd2da5f3ea9931cadce361fe74f3d00b4b1a0
-
SHA512
0f19c84c72c14839928037b2e740fbe4a7505f26d2428e6fd1f1b08a544e0202bd5515643c3e68a1e5106a9cfcdba685f2fe0bc0939addc629ea730ab76d9c3c
-
SSDEEP
6144:04KcMrskuTelECIiYgolvLCtGjTuQjciChOeKRSe3Cz2sGfMGBMPz5:WcnTOyvWtGjTbQiChOeKRy2sGfPBqz
Malware Config
Extracted
redline
usamoney
45.142.215.47:27643
-
auth_value
9491a1c5e11eb6097e68a4fa8627fda8
Targets
-
-
Target
0846ca161974e42e8d868a891eebd2da5f3ea9931cadce361fe74f3d00b4b1a0
-
Size
385KB
-
MD5
47ab069d36052cce74306a4d4b4c13ba
-
SHA1
d0dc9fc98c2a1550930ee5607b4a3aef59fecf43
-
SHA256
0846ca161974e42e8d868a891eebd2da5f3ea9931cadce361fe74f3d00b4b1a0
-
SHA512
0f19c84c72c14839928037b2e740fbe4a7505f26d2428e6fd1f1b08a544e0202bd5515643c3e68a1e5106a9cfcdba685f2fe0bc0939addc629ea730ab76d9c3c
-
SSDEEP
6144:04KcMrskuTelECIiYgolvLCtGjTuQjciChOeKRSe3Cz2sGfMGBMPz5:WcnTOyvWtGjTbQiChOeKRy2sGfPBqz
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
SectopRAT
SectopRAT is a remote access trojan first seen in November 2019.
-
SectopRAT payload
-
Sectoprat family
-