General
Target: eded9b78dcd74538a9040382f745a019bd917efb0cb342c7bd994408c97640fa
Size: 1.2MB
Sample: 231006-1sln5sad39
MD5: 1537f212b4f17f75b75b662d4ed2fd25
SHA1: 1c0cf637a43565a896a473c9276f0b72493a5e27
SHA256: eded9b78dcd74538a9040382f745a019bd917efb0cb342c7bd994408c97640fa
SHA512: 5c5f33b0f9712c2d5139e777c565466cac22c180ec200123a589148915507dca029b9bdf49e148af6d72ad9a5724fcd7b2f9f5f2b596b9b98836a110d68de0fd
SSDEEP: 24576:Kysx5AMlBRHHBSIW2HB6iO0mJolb4L5zr36SRVO/:RsxpJHvWcB6Z0+CbarH
Static task: static1
Behavioral task: behavioral1
Sample: eded9b78dcd74538a9040382f745a019bd917efb0cb342c7bd994408c97640fa.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted family: redline
Botnet: gigant
C2: 77.91.124.55:19071
Targets
Target: eded9b78dcd74538a9040382f745a019bd917efb0cb342c7bd994408c97640fa (hashes as listed under General above)
Score: 10/10
Signatures:
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application (registry Run key persistence)
- Suspicious use of SetThreadContext (a common step in process hollowing, where the payload is written into a suspended process before its thread is resumed)
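The hashes and the extracted C2 endpoint above are the indicators a responder would take from this report. The following script is an added example, not part of the sandbox report: it hashes candidate files against the listed digests and scans network-connection log lines for the C2 endpoint from the extracted config. The log line format (`dst=<ip> dport=<port>`), the process names and the sample bytes are constructed for the demonstration and are not from the report.

```python
"""IOC matcher for the RedLine sample in this report (added example, not from the report).

Hash values and the C2 endpoint are copied from the report above; every log line,
process name and file payload used here is constructed for the demonstration.
"""
import hashlib
import re
from typing import Dict, List

# File hashes listed in the report.
IOC_HASHES: Dict[str, str] = {
    "md5": "1537f212b4f17f75b75b662d4ed2fd25",
    "sha1": "1c0cf637a43565a896a473c9276f0b72493a5e27",
    "sha256": "eded9b78dcd74538a9040382f745a019bd917efb0cb342c7bd994408c97640fa",
}

# C2 endpoint from the extracted RedLine config (botnet "gigant").
C2_HOST = "77.91.124.55"
C2_PORT = 19071

# Constructed log format: a key=value connection record, one per line.
LOG_RE = re.compile(r"dst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dport=(?P<port>\d+)")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Return md5/sha1/sha256 hex digests of an in-memory buffer."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOC_HASHES}


def hash_file(path: str) -> Dict[str, str]:
    """Hash a file on disk in chunks so large droppers do not need to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def matches_known_sample(digests: Dict[str, str]) -> bool:
    """True when any digest equals the corresponding hash from the report.

    Any single algorithm matching is enough: a responder may only have one
    hash type available (for example, an MD5 from a proxy log).
    """
    return any(digests.get(alg) == value for alg, value in IOC_HASHES.items())


def find_c2_connections(log_lines: List[str], port_required: bool = True) -> List[str]:
    """Return log lines whose destination matches the extracted C2.

    With port_required=True only the exact ip:port from the config is flagged;
    with port_required=False any connection to the C2 host is returned, which is
    useful when the operator rotates ports on the same host.
    """
    hits: List[str] = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m or m.group("ip") != C2_HOST:
            continue
        if port_required and int(m.group("port")) != C2_PORT:
            continue
        hits.append(line)
    return hits


# Constructed connection records for the demonstration.
SAMPLE_LOGS = [
    "2023-10-06T18:20:01Z proc=sample.exe pid=4412 dst=77.91.124.55 dport=19071 proto=tcp",
    "2023-10-06T18:20:02Z proc=svchost.exe pid=1200 dst=13.107.4.50 dport=443 proto=tcp",
    "2023-10-06T18:20:05Z proc=sample.exe pid=4412 dst=77.91.124.55 dport=80 proto=tcp",
]

if __name__ == "__main__":
    for line in find_c2_connections(SAMPLE_LOGS):
        print("C2 contact:", line)
    print("Constructed buffer matches report hashes:",
          matches_known_sample(hash_bytes(b"constructed, not the real sample")))
```

Point `hash_file` at a quarantined copy to compare it with the report; `matches_known_sample` returns `True` only for the exact file analysed here, so a repacked build of the same stealer will not match on hashes and should be hunted on the C2 endpoint and the behavioural signatures instead.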