General
Target: 2bed4ea70d0e8707549aac41f29fea0c9a994c68cc33636d802429b5694f077f
Size: 1.2MB
Sample: 231007-d98tnsha6s
MD5: 4a81e0857c9762c946ab1ca7eef1cdf5
SHA1: 1a2d38328e3d5a077bcdda01e89a749fc491f234
SHA256: 2bed4ea70d0e8707549aac41f29fea0c9a994c68cc33636d802429b5694f077f
SHA512: 84754b9ccc2b3384f93c5b1543065d207853eee1c6a47e1a75a46aa61eda06a49f937d4bbdba8fc1074eed33377789b048a80431689435bb6cc32870e6bdee93
SSDEEP: 24576:6yXenkiqAtofLsPurQPLpCw37ew+wDXR3CCJO6TfMU+aLiAFJiBr:BXen6Atoftw1Cw37FlXBPTHluAFJiB
Static task: static1
Behavioral task: behavioral1
Sample: 2bed4ea70d0e8707549aac41f29fea0c9a994c68cc33636d802429b5694f077f.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted family: redline
Extracted values: gigant, 77.91.124.55:19071
Targets
Target: 2bed4ea70d0e8707549aac41f29fea0c9a994c68cc33636d802429b5694f077f
Size: 1.2MB
Score: 10/10
Signatures:
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext