General
- Target: e4d5154753b7811814f5fa08fc4212d1f55b23bd9c0ec049f7a8e983036359c9
- Size: 1.2MB
- Sample: 231007-e4tm8sbd68
- MD5: 833e81969d87f5ba695ccba6a883f7d2
- SHA1: 05320ff7a7870d571de236b4ce848be960528039
- SHA256: e4d5154753b7811814f5fa08fc4212d1f55b23bd9c0ec049f7a8e983036359c9
- SHA512: 4d66f9c6f371eea1c78765ea82fc60ce8ff3ac7227402cf6d548403f82e3c47848093c41d8352d4e54d74cab0a739a620cce517e2b165555be08d05d41f24e88
- SSDEEP: 24576:RyaiO0a+Wj1BV1qBCL/ck+aKp2fcHhJjRV9Fau:EBa+6BV1qoL/J8RRV9E
Static task
- static1
Behavioral task
- behavioral1
- Sample: e4d5154753b7811814f5fa08fc4212d1f55b23bd9c0ec049f7a8e983036359c9.exe
- Resource: win10v2004-20230915-en
Malware Config
Extracted
- redline
- gigant
- 77.91.124.55:19071
Targets
- Target: e4d5154753b7811814f5fa08fc4212d1f55b23bd9c0ec049f7a8e983036359c9
- Size: 1.2MB
- MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the General section above
Score: 10/10
Signatures
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext