General
Target: 1479ee68750242f019956fd3443e761a.bin
Size: 1.3MB
Sample: 231112-bm22hach95
MD5: 309ca2f5c776f47353a955eda8c139a2
SHA1: 67017bf4aa9509e676fa78b4595a0e8a936f0b52
SHA256: ac8b1c2cdaff87e2efe181bf16086fefd3921aabd6dd122099315b113312dd97
SHA512: fad26075ab64bb5d38cd8cf82041a45e26b007cdc9db013442354a4c2ba3c67f08eaec7911a56e3661f77208df64a942090058d673963800d8b377d3b50745d4
SSDEEP: 24576:QyBvKZkbJUeS6MZXlBdnbghiVEPt3Sy95pTiG1pj7ktQn:TCZAUr6O0iVExbpTiUIc
Static task: static1
Behavioral task: behavioral1
Sample: 7011baaee0cf94f06cf89fd2672f6d3e0a304abd72324532cc4e871326395391.exe
Resource: win10v2004-20231023-en
Malware Config
Extracted
redline
taiga
5.42.92.51:19057
Targets
Target: 7011baaee0cf94f06cf89fd2672f6d3e0a304abd72324532cc4e871326395391.exe
Size: 1.3MB
MD5: 1479ee68750242f019956fd3443e761a
SHA1: 8253aebd1a754172c192e1e9ffd1d5e7a9af4ea7
SHA256: 7011baaee0cf94f06cf89fd2672f6d3e0a304abd72324532cc4e871326395391
SHA512: 164f9acc32622d68033454087ef21e3101e02d938f82c3b7c993ded4624d469604372c8b339539c852c85f7dde2fe05ba6298aec1fb699ef768e765562b0b03b
SSDEEP: 24576:3y3B0B/2xS0WWvaeoIs2CFG0pYDNQcrc/0a2ODjjIN3JvMeZKMGeWgfXr2:C3KQIfe/16GD9c8ODjc35MeZR
Score: 10/10
Detect Mystic stealer payload
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application
AutoIT Executable
AutoIT scripts compiled to PE executables.