General
- Target: 7b2cb7f28305a21f2cc50b73de332f6cd208aa17635df78267653f360f4fbdc7
- Size: 1.2MB
- Sample: 231007-jynbgscc36
- MD5: fe46391dc5016002f6c055e6e79cbc03
- SHA1: 613b2c77e100eb2726df23214a78cd8016fcef4b
- SHA256: 7b2cb7f28305a21f2cc50b73de332f6cd208aa17635df78267653f360f4fbdc7
- SHA512: 52c09b08557aa9f4bdcacd45ab0166d49340143952bb97605b0734667d79fa9483b2840b36cb21b4c011875ab8d84a8311a159632c514fde4a7484edec3712ee
- SSDEEP: 24576:PyRA8U39e4BiN97ze+upsE9ZbRvAQ+l99T5eiGzZ0U6ddu:aRTUN9i/7q+KRv789FfYZ0Uu
- Static task: static1
- Behavioral task: behavioral1
- Sample: 7b2cb7f28305a21f2cc50b73de332f6cd208aa17635df78267653f360f4fbdc7.exe
- Resource: win10v2004-20230915-en
Malware Config
- Extracted: redline
- gigant
- 77.91.124.55:19071
Targets
- Target: 7b2cb7f28305a21f2cc50b73de332f6cd208aa17635df78267653f360f4fbdc7 (size and hashes as listed under General above)
- Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext