General
Target: 87885e1f8220c407247e9132a59a22b10ebb7e3986794871fa112cbfce79648f
Size: 917KB
Sample: 231111-hhfe9sdd77
MD5: 6f629bb06b63621e976377833e7eb2ba
SHA1: 0e0f0de084332d7db401b794cab7681f2adcabc6
SHA256: 87885e1f8220c407247e9132a59a22b10ebb7e3986794871fa112cbfce79648f
SHA512: 2f263960a3d9bdaa15fe40b41eddceaa430227c2560614dcaebb342a3053f4e5a6a6534c58087284bcf6188d042a762fdababe250034cf4a3b46db69aac3a527
SSDEEP: 24576:myxnjLtG58aeuIsmC/GdLYDrtb6FRSMW93Cz43:1NjLtwFetBEGW3t+Wn9Ss
Static task: static1
Behavioral task: behavioral1
Sample: 87885e1f8220c407247e9132a59a22b10ebb7e3986794871fa112cbfce79648f.exe
Resource: win10v2004-20231025-en
Malware Config
Extracted family: redline
Botnet: taiga
C2: 5.42.92.51:19057
Targets
Target: 87885e1f8220c407247e9132a59a22b10ebb7e3986794871fa112cbfce79648f (917KB; hashes as listed under General above)
Score: 10/10
Signatures
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext