General
- Target: d8255777959f052f8c011675483a307c63e57e21b3b35bd8f03b7eb52e786694
- Size: 1.2MB
- Sample: 231007-jkw2gahh4v
- MD5: 8093311caea463a7e2fecd07655ad589
- SHA1: 899edf7380341af9717b149cfa372df1f3b202bc
- SHA256: d8255777959f052f8c011675483a307c63e57e21b3b35bd8f03b7eb52e786694
- SHA512: 896d609c152d7f4e5980c85f071ef590b0c970ebb912ba77149ee567d96fe696d399a5004ff8cc01a48835d576b227ffeed2d57dbdec589dee8f851feee1dea6
- SSDEEP: 24576:4yM1WpIQ3vTnAEnkot5Rpi/+nCC2etJLZTVAgvjpPdMXaNuh:/6kpk0pOJC1ttZTqkPdZN
Static task: static1
Behavioral task: behavioral1
- Sample: d8255777959f052f8c011675483a307c63e57e21b3b35bd8f03b7eb52e786694.exe
- Resource: win10v2004-20230915-en
Malware Config
Extracted
- Family: redline
- Botnet: gigant
- C2: 77.91.124.55:19071
Targets
- Target: d8255777959f052f8c011675483a307c63e57e21b3b35bd8f03b7eb52e786694
- Size: 1.2MB
Score: 10/10
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext