General
Target: 067dcfb8218ff882d62b482b0d3906c8928c03101304c81d5edc5a01371d8743
Size: 1.3MB
Sample: 231111-j54l2sdf52
MD5: 7eebbfe69da91da5e2856e6a2d011817
SHA1: 3e1c8aa5ebd0483e43a43574acb074caa9d10847
SHA256: 067dcfb8218ff882d62b482b0d3906c8928c03101304c81d5edc5a01371d8743
SHA512: 605c2ea0260b75556c93cb2c5d0cdf7a8dc23591cfdda4d8ecd6945ab81d3be74d1bb694bf597650c8d500ad510a7a0d1b982e6a0774a423edb4ac095905edc0
SSDEEP: 24576:/ySJvvXm4psOn9aeJIsWC+GECLDzmkJgOZwQ3xo0Bt9mKi4g:KSJ24psO4eyPzGfe3Q3BBzm8
Static task: static1
Behavioral task: behavioral1
Sample: 067dcfb8218ff882d62b482b0d3906c8928c03101304c81d5edc5a01371d8743.exe
Resource: win10v2004-20231020-en

Malware Config
Extracted:
- redline
- taiga
- 5.42.92.51:19057
Targets
Target: 067dcfb8218ff882d62b482b0d3906c8928c03101304c81d5edc5a01371d8743
Size: 1.3MB
MD5: 7eebbfe69da91da5e2856e6a2d011817
SHA1: 3e1c8aa5ebd0483e43a43574acb074caa9d10847
SHA256: 067dcfb8218ff882d62b482b0d3906c8928c03101304c81d5edc5a01371d8743
SHA512: 605c2ea0260b75556c93cb2c5d0cdf7a8dc23591cfdda4d8ecd6945ab81d3be74d1bb694bf597650c8d500ad510a7a0d1b982e6a0774a423edb4ac095905edc0
SSDEEP: 24576:/ySJvvXm4psOn9aeJIsWC+GECLDzmkJgOZwQ3xo0Bt9mKi4g:KSJ24psO4eyPzGfe3Q3BBzm8
Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext