General
-
Target
55c250bdb998a1c96ae43bfa8a14ed041635109dceda6df6bfc0659f3467b5be
-
Size
898KB
-
Sample
231004-s3l4nacg7t
-
MD5
5996f5969a6b028ae59c6b3d01a8ced5
-
SHA1
3267286cfa56c7117c09680d1e2a004e7c962fb9
-
SHA256
55c250bdb998a1c96ae43bfa8a14ed041635109dceda6df6bfc0659f3467b5be
-
SHA512
0ea3651eb9fddb113e568672f377beb2bb473e05c92cc42e6a0b9246cae69691b509b7779ac5880af8581820d2aafe9c4469dfa47557402d8c9e16ff1849a013
-
SSDEEP
12288:DyoOjSsEl0w61WArd+8Abfat/Cqdx6sGlEl9b52QOxOsliiazc70y5qdBVgFZM6W:eoOmswfat/Ckx6YdQaz0W0o6Of
Static task
static1
Behavioral task
behavioral1
Sample
55c250bdb998a1c96ae43bfa8a14ed041635109dceda6df6bfc0659f3467b5be.exe
Resource
win7-20230831-de
Malware Config
Extracted
redline
bild
185.215.113.116:41120
Targets
-
-
Target
55c250bdb998a1c96ae43bfa8a14ed041635109dceda6df6bfc0659f3467b5be
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-