General
  Target: modest-menu.exe
  Size: 512KB
  Sample: 240629-p2sm9sxgjf
  MD5: 95615078a0eb33b1c7bcaa420550c44e
  SHA1: 9009ebd7a01c84a4637d06fd16be33cbb8dc2b61
  SHA256: c957609147be9600ae8ecf2a977bfd8ae9eb1a8dfa0c4f303be0636ebd518156
  SHA512: bff7428847a5d57d6a6229aa5442384b07df2d6a3ce0bf9d9a859232106845d3c3764a5d9dd1c2d7d16dda4f414636039f513d097947975538e9a5c2544e6d02
  SSDEEP: 12288:kKFfKsLIh/4h7TqZFjLb6A4OgyVUrFuma1HwTAT36Z/xZWb/GG:k8iP/EPqZFvb6A4xuGMTKWO
Static task: static1
Behavioral task: behavioral1
  Sample: modest-menu.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: modest-menu.exe
  Resource: win10v2004-20240508-en
Malware Config
  Extracted: redline
    @mass1vexdd
    94.228.166.68:80
Targets
  Target: modest-menu.exe (512KB; same sample and hashes as listed under General)
  Score: 10/10
  Signatures:
    RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    RedLine payload
    Suspicious use of SetThreadContext