General
Target: db9de967bb2087cea2d05007fedd6ac6623377e1837a5c6dac81bcc30e0ef8d7
Size: 1.2MB
Sample: 231007-jcnecshg81
MD5: a116cabb58a000b4110bb85db1036fdd
SHA1: 3f9ba924347bac386557f1927df9a849e3d1e741
SHA256: db9de967bb2087cea2d05007fedd6ac6623377e1837a5c6dac81bcc30e0ef8d7
SHA512: 3b1ad48adad926aa4491d88dd17a528770c89743bd3ab767e9a14064b7c9e3763ce723edb4e31918d68566ac82f9c5c604a3d5fa5f6e55b09335a9b6090b2984
SSDEEP: 24576:eypkF+gIuO2O1Zwhnz24m+701wlgG4jgpuPINuU6PXNzWC:tpkJWez2Rt1wlSjyPrE
Static task: static1
Behavioral task: behavioral1
Sample: db9de967bb2087cea2d05007fedd6ac6623377e1837a5c6dac81bcc30e0ef8d7.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted: redline
Botnet: gigant
C2: 77.91.124.55:19071
Targets
Target: db9de967bb2087cea2d05007fedd6ac6623377e1837a5c6dac81bcc30e0ef8d7 (size and hashes as listed under General above)
Score: 10/10
Signatures:
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext