General
- Target: 29ec4459f7c5b96be00eb9d75d7992fe8fc81618ba6c1c136a35d0d29b14ba83
- Size: 1.2MB
- Sample: 231007-m3tkvadd75
- MD5: 1a68bcc3c6710c7235c62499b82502f3
- SHA1: a41bc48f31a078d6d04aa016b60aa16d9f4bdf02
- SHA256: 29ec4459f7c5b96be00eb9d75d7992fe8fc81618ba6c1c136a35d0d29b14ba83
- SHA512: 1e34fb4c668df6383a64bf92392fab7455b942e029340f2e01be9969029d67faeeb7a5ad462aa4089c8c2b7ed7460278194e0eac19459cb577e878150dd31942
- SSDEEP: 24576:RymO7YjIef0hVwjymGpacyJI2ny2QUIcbwpPSWgOPYLOsfOig:EmOUEY0hVwjhCyJfy2QXcOPNggYLOsr
Static task: static1
Behavioral task: behavioral1
- Sample: 29ec4459f7c5b96be00eb9d75d7992fe8fc81618ba6c1c136a35d0d29b14ba83.exe
- Resource: win10v2004-20230915-en
Malware Config
Extracted
- redline
- gigant
- 77.91.124.55:19071
Targets
- Target: 29ec4459f7c5b96be00eb9d75d7992fe8fc81618ba6c1c136a35d0d29b14ba83
Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext