General
-
Target
aa655275f38f95ad181fd5383b3b6a42f964b866a412aca2c72ce7fac1371ab7
-
Size
1.2MB
-
Sample
231007-h8dz5aca76
-
MD5
19373473cc896e8f8c6925fba51ee712
-
SHA1
de3dcf041132a75b2bfc6d8fecd3df5ef09ec060
-
SHA256
aa655275f38f95ad181fd5383b3b6a42f964b866a412aca2c72ce7fac1371ab7
-
SHA512
e8248657272aa4767bdf9a7e87ed58ec25c8f6e8982fa15d9ed3cbbbf7925262631fb14300568fecf197dfa33b1e623b0415b13fa849b1a1c68144cc17bd4fa4
-
SSDEEP
24576:3yDQ6zkL5fS+Ae2zlyi1yTa+rAtaozZwnG2edX5q00afq+s/rf:CDQ6QVfNAezi1y2+oyncO09sD
Static task
static1
Behavioral task
behavioral1
Sample
aa655275f38f95ad181fd5383b3b6a42f964b866a412aca2c72ce7fac1371ab7.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
gigant
77.91.124.55:19071
Targets
-
-
Target
aa655275f38f95ad181fd5383b3b6a42f964b866a412aca2c72ce7fac1371ab7
-
Size
1.2MB
-
MD5
19373473cc896e8f8c6925fba51ee712
-
SHA1
de3dcf041132a75b2bfc6d8fecd3df5ef09ec060
-
SHA256
aa655275f38f95ad181fd5383b3b6a42f964b866a412aca2c72ce7fac1371ab7
-
SHA512
e8248657272aa4767bdf9a7e87ed58ec25c8f6e8982fa15d9ed3cbbbf7925262631fb14300568fecf197dfa33b1e623b0415b13fa849b1a1c68144cc17bd4fa4
-
SSDEEP
24576:3yDQ6zkL5fS+Ae2zlyi1yTa+rAtaozZwnG2edX5q00afq+s/rf:CDQ6QVfNAezi1y2+oyncO09sD
Score10/10-
Detect Mystic stealer payload
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-