General
-
Target
Phoenix.exe
-
Size
96KB
-
Sample
240607-ksn69seh42
-
MD5
312d812633bd27cfe777b71cd110d90a
-
SHA1
12865f062e42c20b335ac65d18276d3724407203
-
SHA256
e6a2f526ba2b181c8fa6dc4f1a751079738d1aa6ffbd0c8a7067eac2ddd714ce
-
SHA512
151f3f6d6bcb53afe2807051d4f518fb56f62593f64a45127fcf3d0e53e28254908bbea829c398aff27a54e45a9f8d622fcd2f54f978d903a08c25cbacd5945b
-
SSDEEP
1536:2qsGSqrglbG6jejoigIq43Ywzi0Zb78ivombfexv0ujXyyed2Kt4ulgS6pP:kFkwYq+zi0ZbYe1g0ujyzdiP
Malware Config
Extracted
redline
cheat
51.178.171.56:50378
Targets
-
-
Target
Phoenix.exe
-
Size
96KB
-
MD5
312d812633bd27cfe777b71cd110d90a
-
SHA1
12865f062e42c20b335ac65d18276d3724407203
-
SHA256
e6a2f526ba2b181c8fa6dc4f1a751079738d1aa6ffbd0c8a7067eac2ddd714ce
-
SHA512
151f3f6d6bcb53afe2807051d4f518fb56f62593f64a45127fcf3d0e53e28254908bbea829c398aff27a54e45a9f8d622fcd2f54f978d903a08c25cbacd5945b
-
SSDEEP
1536:2qsGSqrglbG6jejoigIq43Ywzi0Zb78ivombfexv0ujXyyed2Kt4ulgS6pP:kFkwYq+zi0ZbYe1g0ujyzdiP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT
SectopRAT is a remote access trojan first seen in November 2019.
-
SectopRAT payload
-