General
Target: 0bd838102a59a3cecddbafddd887bbd6011c2493139cbb02b92c9854e54e818e
Size: 1.2MB
Sample: 231007-hdzckshe81
MD5: 1a60bd560307b2bc5f296236b712d04d
SHA1: e27e61df43a504e4ae76ce8598fa7e30635f5c52
SHA256: 0bd838102a59a3cecddbafddd887bbd6011c2493139cbb02b92c9854e54e818e
SHA512: 88eed991bae751de16fffd6a91b90eebdbeee4643e5dd3a3b1364f363ad0836af5eb71eab3fe9062f12356320c92ab92ca8be5293960e85ae5ba4a2ce39adf4b
SSDEEP: 24576:qyRG0Xu0fSL+Jm0U5WE+e9uRierIoFqEvdO7MQdjcozQ:xR9Xu0f00m0U5F5q9hlO4Qdjco
Static task: static1
Behavioral task: behavioral1
Sample: 0bd838102a59a3cecddbafddd887bbd6011c2493139cbb02b92c9854e54e818e.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
redline
gigant
77.91.124.55:19071
Targets
Score: 10/10
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext