General

Target:  901a623dbccaa22525373cd36195ee14.bin
Size:    538KB
Sample:  240626-ddj6fatcnr
MD5:     e2a13e5eb5232d395228259d80e10ee1
SHA1:    c052f4a2b96c48249cb8b9737d53a66815c7811b
SHA256:  ef25a68f3430e16599cbe37b7d50c8319b7a62730f151ea1a2750f355e729278
SHA512:  499e255cff7eef77d847d920668aa29618673e39a2b7ab860b3d6d62c939dd1aaa1cd322afe280109e1478ef7319c3c327c57f9b2a36b0c8ce172df2e8f4cb07
SSDEEP:  12288:ZChkOgWVUOH5EV9WH3uMNkdUragQkC5Q/46V4cG/l3y:ZmV7HE2FkdKL1C5QnYVy
Behavioral task

Task:      behavioral1
Sample:    b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec.exe
Resource:  win7-20240508-en

Malware Config (extracted from the sample)

Family:  redline
Botnet:  wordfile
C2:      185.38.142.10:7474
Targets

Target:  b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec.exe
Size:    629KB
MD5:     901a623dbccaa22525373cd36195ee14
SHA1:    9adb6dddb68cd7e116da9392e7ee63a8fa394495
SHA256:  b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec
SHA512:  eabeba0eb9ae7e39577a7e313e50807cee1b888f1c8ff0fa375e5de9451a66471c791c23ea4f4af85151f96b065d55e8c1320026d8503a048a3e5968f8effc1d
SSDEEP:  12288:SYV6MorX7qzuC3QHO9FQVHPF51jgcN6S5UesUInNnpo2R2:hBXu9HGaVHN6S5U5Rn/Y

Note the naming: the submitted file (901a623dbccaa22525373cd36195ee14.bin, 538KB) carries the MD5 of this 629KB executable as its name, and the executable is named after its own SHA256. When pivoting on hashes, use the values above for the inner executable and the General section for the submitted container; they are different files.

Signatures

RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

RedLine payload

SectopRAT payload

AutoIT Executable
AutoIt scripts compiled to PE executables; the target is such a compiled AutoIt binary.

Suspicious use of SetThreadContext
The sample calls SetThreadContext to modify another thread's register context. This is the step that process hollowing and similar injection techniques use to redirect a suspended thread to injected code, which is consistent with a compiled AutoIt loader unpacking and running the RedLine payload in memory.
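As an added example (not part of the sandbox report), the script below parses the report's flat label/value layout into structured IOCs, confirms the container-name/MD5 relationship described above, checks an arbitrary file's digests against every listed hash, and emits a Suricata rule for the extracted C2. The embedded REPORT text is a trimmed copy of the page's own values; the bytes passed to check_bytes are constructed dummy input, and the rule SID is an analyst-chosen placeholder.

```python
"""Parse the sandbox report's IOCs and check files against them.

Added example, not part of the original report. REPORT is a trimmed copy of
the page's own values; the input to check_bytes in __main__ is constructed
dummy data, so it will (correctly) not match any listed hash.
"""
import hashlib
import re
from pathlib import PurePath

# Trimmed copy of the report above; labels precede their values on separate lines.
REPORT = """
General
Target
901a623dbccaa22525373cd36195ee14.bin
MD5
e2a13e5eb5232d395228259d80e10ee1
SHA256
ef25a68f3430e16599cbe37b7d50c8319b7a62730f151ea1a2750f355e729278
Malware Config
Extracted
redline
wordfile
185.38.142.10:7474
Targets
Target
b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec.exe
MD5
901a623dbccaa22525373cd36195ee14
SHA256
b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec
"""

# Classify values by shape: hex length identifies the digest algorithm.
HASH_RE = {
    "md5": re.compile(r"^[0-9a-f]{32}$"),
    "sha1": re.compile(r"^[0-9a-f]{40}$"),
    "sha256": re.compile(r"^[0-9a-f]{64}$"),
    "sha512": re.compile(r"^[0-9a-f]{128}$"),
}
C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")
FILE_SUFFIXES = {".bin", ".exe", ".dll"}


def parse_report(text):
    """Return {'hashes': {algo: set}, 'files': [names], 'c2': [host:port]}.

    Values are classified by shape rather than by the preceding label, so a
    hash that appears as a file name stem is still recognised via 'files'.
    """
    iocs = {"hashes": {algo: set() for algo in HASH_RE}, "files": [], "c2": []}
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line == "-":
            continue
        low = line.lower()
        for algo, rx in HASH_RE.items():
            if rx.match(low):
                iocs["hashes"][algo].add(low)
                break
        else:
            if C2_RE.match(line):
                iocs["c2"].append(line)
            elif PurePath(line).suffix.lower() in FILE_SUFFIXES:
                iocs["files"].append(line)
    return iocs


def file_stem_matches_hash(iocs):
    """Map each listed file name to the algorithm whose digest it is named after."""
    links = {}
    for name in iocs["files"]:
        stem = PurePath(name).stem.lower()
        for algo, values in iocs["hashes"].items():
            if stem in values:
                links[name] = algo
    return links


def hash_bytes(data):
    """Compute all four digests the report lists for a blob of bytes."""
    return {algo: getattr(hashlib, algo)(data).hexdigest() for algo in HASH_RE}


def check_bytes(data, iocs):
    """Return the algorithms whose digest of `data` appears in the report."""
    digests = hash_bytes(data)
    return sorted(algo for algo, h in digests.items() if h in iocs["hashes"][algo])


def suricata_rule(c2, sid):
    """Emit a Suricata rule for outbound traffic to the extracted C2.

    `sid` is an analyst-chosen placeholder (local rules conventionally use 1000000+).
    """
    host, port = c2.split(":")
    return (f'alert tcp $HOME_NET any -> {host} {port} '
            f'(msg:"RedLine C2 traffic to {c2}"; flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    iocs = parse_report(REPORT)
    print("C2:", iocs["c2"])
    print("file names that are hashes:", file_stem_matches_hash(iocs))
    # Constructed dummy input; a real file would be read with open(path, "rb").read().
    print("matches for dummy bytes:", check_bytes(b"not the sample", iocs))
    print(suricata_rule(iocs["c2"][0], 1000001))
```

Because classification is by value shape, the same parser works on the full report, including the SHA1/SHA512/SSDEEP lines omitted here (SSDEEP is skipped on purpose: it needs the ssdeep library and a fuzzy comparison, not equality).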