General
Target: a939a0aa6a7c9b38863b7d7b3effdd2e8ba4c383184d09dd6f1d0b70d6f68bae
Size: 1.2MB
Sample: 231007-fpeq7sbe32
MD5: eeab073f95dd55c966b3d6a784e7c63c
SHA1: 0f58b29df823e6962507dccd87838a896122656a
SHA256: a939a0aa6a7c9b38863b7d7b3effdd2e8ba4c383184d09dd6f1d0b70d6f68bae
SHA512: d36cd9f94ce006157af2cb088935ccfe5b73fa7c82ae46cd8674320373487c4ea8be0ca816a6f4b73dba9a36ea661c68b39c35a6c91594a528c9be61903dfae5
SSDEEP: 24576:nyYGF0dfYc5TCw33sgeI+D/tV6ev7CftifzkLqREYj7:yYPbTCGcgtg6evytCzTSY
Static task: static1
Behavioral task: behavioral1
Sample: a939a0aa6a7c9b38863b7d7b3effdd2e8ba4c383184d09dd6f1d0b70d6f68bae.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
Family: redline
Botnet: gigant
C2: 77.91.124.55:19071
Targets
Target: a939a0aa6a7c9b38863b7d7b3effdd2e8ba4c383184d09dd6f1d0b70d6f68bae
Score: 10/10
Signatures
- Detect Mystic stealer payload
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
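The following Python script is an added example and is not part of the sandbox report or the sandbox's own tooling. It turns the indicators above (the file hashes and the extracted C2 host:port) into three checks an analyst would actually run: hashing a suspect file and comparing it with the report, scanning connection-log lines for traffic to the C2, and listing Run-key entries on a Windows host to follow up on the "Adds Run key to start application" signature. The connection-log format, the sample log lines and every function name are constructed for this example and are not from the report.

```python
"""Added example (not part of the sandbox report): turn the report's
indicators into checks an analyst can run on a host or over connection logs.
Only the hashes and the C2 host:port come from the report; the log format,
sample lines and helper names below are constructed for this example."""
import hashlib
import re

# Indicators copied from the report above.
IOC_MD5 = "eeab073f95dd55c966b3d6a784e7c63c"
IOC_SHA1 = "0f58b29df823e6962507dccd87838a896122656a"
IOC_SHA256 = "a939a0aa6a7c9b38863b7d7b3effdd2e8ba4c383184d09dd6f1d0b70d6f68bae"
IOC_C2_HOST = "77.91.124.55"
IOC_C2_PORT = 19071

# Constructed connection-log lines (hypothetical format, not from the report).
SAMPLE_CONN_LOG = [
    "2023-10-07T12:00:01Z src=10.0.0.5:51234 dst=77.91.124.55:19071 proto=tcp",
    "2023-10-07T12:00:02Z src=10.0.0.5:51235 dst=142.250.74.46:443 proto=tcp",
    "2023-10-07T12:00:03Z src=10.0.0.7:51300 dst=77.91.124.55:8080 proto=tcp",
]
C2_RE = re.compile(r"dst=(?P<host>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)")


def hashes_of_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of an in-memory buffer, lowercase hex as in the report."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def file_hashes(path: str) -> dict:
    """Hash a file in 1 MiB chunks so large binaries need not fit in memory."""
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            md5.update(chunk)
            sha1.update(chunk)
            sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha1": sha1.hexdigest(),
            "sha256": sha256.hexdigest()}


def is_reported_sample(hashes: dict) -> bool:
    """Match on SHA256 when available. MD5/SHA1 are only consulted when a feed
    carries nothing stronger; they never override a SHA256 mismatch."""
    if "sha256" in hashes:
        return hashes["sha256"] == IOC_SHA256
    return hashes.get("md5") == IOC_MD5 or hashes.get("sha1") == IOC_SHA1


def find_c2_connections(log_lines, host=IOC_C2_HOST, port=IOC_C2_PORT):
    """Return (line, port_matches) for each line whose destination is the C2
    host. The port is reported separately: the report documents one port,
    and operators can rotate it while keeping the same host."""
    hits = []
    for line in log_lines:
        m = C2_RE.search(line)
        if m and m.group("host") == host:
            hits.append((line, int(m.group("port")) == port))
    return hits


def run_key_entries():
    """List HKCU/HKLM ...\\CurrentVersion\\Run values for the analyst to compare
    against a known-good baseline. Windows only; returns [] elsewhere."""
    try:
        import winreg
    except ImportError:
        return []
    entries = []
    for hive, label in ((winreg.HKEY_CURRENT_USER, "HKCU"),
                        (winreg.HKEY_LOCAL_MACHINE, "HKLM")):
        try:
            key = winreg.OpenKey(hive, r"Software\Microsoft\Windows\CurrentVersion\Run")
        except OSError:
            continue
        with key:
            index = 0
            while True:
                try:
                    name, data, _ = winreg.EnumValue(key, index)
                except OSError:  # no more values
                    break
                entries.append((label, name, data))
                index += 1
    return entries


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, "MATCHES REPORT" if is_reported_sample(file_hashes(path)) else "no match")
    for line, exact in find_c2_connections(SAMPLE_CONN_LOG):
        print("C2 host hit", "(reported port)" if exact else "(other port)", line)
    for entry in run_key_entries():
        print("Run key:", entry)
```

Run it with one or more file paths to compare them against the report's hashes; the connection-log scan runs over the constructed sample lines, and the Run-key listing only produces output on Windows.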