General
Target: 68be3a9f3f6fe233e7b61ccd747891403cedfd086658a4d213076615cab3d817
Size: 3.4MB
Sample: 241113-y4c52asjcl
MD5: 8a9491b7abae64c90227b29e68433a32
SHA1: d2d224b88f0436af09c5c09a4bd719f25113a835
SHA256: 68be3a9f3f6fe233e7b61ccd747891403cedfd086658a4d213076615cab3d817
SHA512: 3e1cc82ccdfaa9588427ece06f2d5e750691944805efcb02b093666e1ace401d17719801f5fab23df5952cad84433b73d079d900fd9400d41d305ecd3bd4fdc2
SSDEEP: 12288:C76D0Cjh3wB7R9H3nTZKV/SVgjpplNL/QRZjK:SYjAl3TINL/QDm
Static task: static1
Behavioral task: behavioral1
Sample: 68be3a9f3f6fe233e7b61ccd747891403cedfd086658a4d213076615cab3d817.exe
Resource: win7-20240729-en
Malware Config
Extracted
Family: redline
Botnet: hyce
C2: 193.70.111.186:13484
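The extracted C2 address and the file hashes above are the actionable indicators in this report. The following is an added example, not part of the sandbox report, that turns them into a small matcher run over constructed firewall log lines and a constructed file-hash inventory; the key=value log format, the internal IPs and the file paths are assumptions made up for illustration, while the C2 and hashes are taken from the report.

```python
"""Match the indicators from this report against constructed log data.

Added example, not part of the sandbox report. The firewall log lines
and the host inventory are made up for illustration; only the C2
address and the file hashes come from the report.
"""
import hashlib
import re
from dataclasses import dataclass

# Indicators taken from the report above.
C2_HOST = "193.70.111.186"
C2_PORT = 13484
SAMPLE_HASHES = {
    "md5": "8a9491b7abae64c90227b29e68433a32",
    "sha1": "d2d224b88f0436af09c5c09a4bd719f25113a835",
    "sha256": "68be3a9f3f6fe233e7b61ccd747891403cedfd086658a4d213076615cab3d817",
}

# Constructed firewall log (hypothetical key=value format, not real traffic).
SAMPLE_FW_LOG = """\
ts=2024-11-13T10:01:02Z src=10.0.0.12 dst=193.70.111.186 dport=13484 proto=tcp action=allow
ts=2024-11-13T10:01:03Z src=10.0.0.12 dst=142.250.74.78 dport=443 proto=tcp action=allow
ts=2024-11-13T10:02:11Z src=10.0.0.31 dst=193.70.111.186 dport=443 proto=tcp action=allow
ts=2024-11-13T10:03:40Z src=10.0.0.44 dst=193.70.111.186 dport=13484 proto=tcp action=deny
"""


@dataclass(frozen=True)
class Hit:
    src: str
    dst: str
    dport: int
    reason: str


_KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Parse one key=value log line into a dict (empty dict for blank lines)."""
    return {k: v for k, v in _KV.findall(line)}


def match_network(log_text):
    """Return a Hit for every connection attempt to the RedLine C2.

    An exact host:port match is the strongest signal, but any contact with
    the C2 host is reported as well, because operators commonly rotate the
    port while keeping the same IP. Denied connections are still reported:
    a blocked beacon means the host is already infected.
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec.get("dst") != C2_HOST:
            continue
        port = int(rec.get("dport", 0))
        reason = "c2_host_and_port" if port == C2_PORT else "c2_host_only"
        hits.append(Hit(rec["src"], rec["dst"], port, reason))
    return hits


def match_hashes(inventory):
    """inventory: iterable of (path, hex_digest) pairs from an EDR/file inventory.

    Any of the report's MD5/SHA1/SHA256 values is accepted, case-insensitively,
    so the function works with whichever digest the inventory source provides.
    """
    wanted = {v.lower() for v in SAMPLE_HASHES.values()}
    return [path for path, digest in inventory if digest.lower() in wanted]


def hash_bytes(data):
    """Compute the three digests used in the report for a byte string, so the
    same routine can be applied to a file read in binary mode before comparing
    it with SAMPLE_HASHES."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


if __name__ == "__main__":
    for hit in match_network(SAMPLE_FW_LOG):
        print(hit)
    print(match_hashes([("C:\\Users\\a\\Downloads\\setup.exe", SAMPLE_HASHES["sha256"])]))
```

In a real deployment the SSDEEP value from the report would be matched with a fuzzy-hash library rather than by exact comparison, since repacked RedLine builds change the exact digests but often keep a high SSDEEP similarity.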
Targets
Target: 68be3a9f3f6fe233e7b61ccd747891403cedfd086658a4d213076615cab3d817
- RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- SectopRAT payload
- Sectoprat family
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (this API is commonly used to redirect a thread into injected code, as in process hollowing)