MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 dcddfa4a3c9f52a3d9a4d797112d8cbce8e939d611833f0140338fcbd440a83c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
RedLineStealer
Vendor detections: 6
| SHA256 hash: | dcddfa4a3c9f52a3d9a4d797112d8cbce8e939d611833f0140338fcbd440a83c |
|---|---|
| SHA3-384 hash: | cfd9ca7bcf0fb4542c16d7fae7caf6700fa4974a35cde9d3cdaf0387d405a6e3740062977bff9fc36a82ec5043cb7473 |
| SHA1 hash: | 541dd7d045d113c91994f5b5b4fe2a9e5ba80382 |
| MD5 hash: | 2cde445a9aec4dbd1ccf251e7fec4f4b |
| humanhash: | twenty-delaware-fanta-earth |
| File name: | Reptile_World_Launcher_0.7.5 (beta).zip |
| Signature | RedLineStealer |
| File size: | 40'548'425 bytes |
| First seen: | 2022-11-14 16:54:09 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 786432:jhyy3p7iFwHBabk3OoxS0jgnVXwMK8RmO26q7JSZnGTmkivX6XZ:wy52FM2kVS0siMK8Rz26CTmk3J |
| TLSH | T1AE97339B9B498579C8D197B005C23D91BF3A619FCB5CBD123897546E2CC8228B5FFB80 |
| TrID | 80.0% (.ZIP) ZIP compressed archive (4000/1); 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1) |
| Reporter | |
| Tags: | AsyncRAT exe pw RW075 RedLineStealer ReptileWorld zip |
Iamdeadlyz
From reptile-world.net (impersonation of rchronicles.org)
RedLineStealer C&C: 77.73.134.13:3660
AsyncRAT C&C: 82.115.223.14:4449
Intelligence
File Origin
# of uploads: 1
# of downloads: 252
Origin country: n/a
File Archive Information
This file archive contains 2 file(s), sorted by their relevance:
| File name: | Readme.txt |
|---|---|
| File size: | 978 bytes |
| SHA256 hash: | 966027b6a6e23a90c9114a1ad2a348283309151e9c7304834e8db7bc6aafd235 |
| MD5 hash: | 5634bdc988361201ad900cb94c0a10db |
| MIME type: | text/plain |
| Signature | RedLineStealer |

| File name: | ReptileWorld 0.7.5(beta).zip |
|---|---|
| File size: | 40'547'745 bytes |
| SHA256 hash: | ce6b6abb5fde07f7a967e42e0302f49a9cb9e41f51e8d74a872c577e526036cf |
| MD5 hash: | f968d4ccaecaafadf5ed4a69af7a5f07 |
| MIME type: | application/zip |
| Signature | RedLineStealer |
Vendor Threat Intelligence
Verdict: No Threat
Threat level: 10/10
Confidence: 100%
Result
Verdict: MALICIOUS
Threat name: ByteCode-MSIL.Infostealer.Reline
Status: Malicious
First seen: 2022-11-14 16:55:30 UTC
File Type: Binary (Archive)
Extracted files: 2
AV detection: 1 of 26 (3.85%)
Threat level: 5/5
Detection(s): Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name: Redline
Score: 1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
RedLineStealer
zip dcddfa4a3c9f52a3d9a4d797112d8cbce8e939d611833f0140338fcbd440a83c (this sample)
13e790439d7439753bdea2f6778be382d97d30601a2077697030f06f8b7df29f
| Dropping | SHA256 13e790439d7439753bdea2f6778be382d97d30601a2077697030f06f8b7df29f |
|---|---|
| Dropping | SHA256 ac3395e4c872ee7308b1d9f69a9a70118bcccdec86c90cbf2ad2c1d30672fc1f |
| Dropping | SHA256 2721a94dbcb284bedea4a16ce1e0c435fcefdb9410bff23c56ab2c61334fef7c |
| Delivery method | Distributed via web download |