General
Target: 7da201e492ebc04a834ceea3e26f0d31c961753447913cb5b1f8a1b334527daa
Size: 917KB
Sample: 231111-atswqscf63
MD5: 470f0aaa32c50a9b18ebc7775729d3fa
SHA1: 934d9b0c34ff9f17389dca270e4d1e05b2560f70
SHA256: 7da201e492ebc04a834ceea3e26f0d31c961753447913cb5b1f8a1b334527daa
SHA512: da2d0ff6da6df3a0185e206c23397437c50a24b8ecf02028f126a27aad3fbc7a0bcdb7bb3ded4cc6939c1ea50251cfbbdb5fb3f3e1389c461b761c8c2b537cc3
SSDEEP: 12288:DMr9y90BUbr0NldHC7aex4IC5epCPHGg6PLvTMXiYQbDXG9MNmEHqQUKI6f7JeTk:qyWUG5kaeuIs6C/GFLYDBQUKI6f7SpC
Static task: static1
Behavioral task: behavioral1
Sample: 7da201e492ebc04a834ceea3e26f0d31c961753447913cb5b1f8a1b334527daa.exe
Resource: win10-20231020-en
Malware Config
Extracted
redline
taiga
5.42.92.51:19057
Targets
Target: 7da201e492ebc04a834ceea3e26f0d31c961753447913cb5b1f8a1b334527daa
Size: 917KB
MD5: 470f0aaa32c50a9b18ebc7775729d3fa
SHA1: 934d9b0c34ff9f17389dca270e4d1e05b2560f70
SHA256: 7da201e492ebc04a834ceea3e26f0d31c961753447913cb5b1f8a1b334527daa
SHA512: da2d0ff6da6df3a0185e206c23397437c50a24b8ecf02028f126a27aad3fbc7a0bcdb7bb3ded4cc6939c1ea50251cfbbdb5fb3f3e1389c461b761c8c2b537cc3
SSDEEP: 12288:DMr9y90BUbr0NldHC7aex4IC5epCPHGg6PLvTMXiYQbDXG9MNmEHqQUKI6f7JeTk:qyWUG5kaeuIs6C/GFLYDBQUKI6f7SpC
Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- AutoIT Executable: AutoIT scripts compiled to PE executables.