MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7ee89660f7db9ed2fd7c8810256d2f092ffc2055432f8cd2ded61e83e9a99233. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RedLineStealer


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7ee89660f7db9ed2fd7c8810256d2f092ffc2055432f8cd2ded61e83e9a99233
SHA3-384 hash: 15053df59e6b659c3ed4ca3031f3c029a1d3e22999d7309a015c84a9692a2bd0d7ad043052aec63a469a9efc9154b85b
SHA1 hash: f2f7de581167a6ce91e3c183cd69111ff562a2e3
MD5 hash: 9e9ba79b8186a9f10776b9714c1eb6c5
humanhash: ack-lemon-mountain-lactose
File name:ReptileWorld_Launcher_Setup.rar
Download: download sample
Signature RedLineStealer
Create hunting rule
File size:282'048 bytes
First seen:2022-07-01 19:22:42 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 3072:JmRsLkzPgg9KZVAPOLmFgVl37cOACBRm+nJgIs+QsW8TenXRJE98Gj+4Do5+hSyX:IG2P9KjAPJW1QOlv1JHpAXTINjaUtHpR
TLSH T1B354572D35C8A69BD579B3C8A723F53C3FD078BA062056C6B7F0B657C908488CD66A71
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter iamdeadlyz
Tags:exe pw RW073 rar RedLineStealer ReptileWorld


Avatar
Iamdeadlyz
From reptileworldp2e.com (impersonation of rchronicles.org)
RedLineStealer C&C: 193.124.22.17:23520

Intelligence

File Origin
# of uploads :
1
# of downloads :
380
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.PWS.Steam.28827.6498.26735.UNOFFICIAL
Create hunting rule

Gathering data
Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7ee89660f7db9ed2fd7c8810256d2f092ffc2055432f8cd2ded61e83e9a99233/
Threat name:
Win32.Infostealer.Bandra
Create hunting rule
Status:
Malicious
First seen:
2022-07-01 19:48:03 UTC
AV detection:
7 of 26 (26.92%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=p3ujmyhx3opnf7l4raick3jpbex7yicvimxyzuw62ypih2njsizq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/220701-x3r25accc2/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RedLineStealer

rar 7ee89660f7db9ed2fd7c8810256d2f092ffc2055432f8cd2ded61e83e9a99233

(this sample)

anyrun
any.run
https://app.any.run/tasks/cd9dfffb-7a9b-46e0-8dbf-d753738e9b49
  
X
https://twitter.com/Iamdeadlyz/status/1542949989483024384
  
Delivery method
Distributed via web download

Comments