General

Target: 9531d3bc145da5d871d5922508cfdf63
Size: 1.1MB
Sample: 231219-y97xlaghf8
MD5: 9531d3bc145da5d871d5922508cfdf63
SHA1: da9adfd4321e6f9daabf2d76a4519cc0a76daced
SHA256: 925b727a1a30f066da82b39bcc6dfaf67200eede833d0847f6b07d7a975ce49b
SHA512: a8bce9e196db10e7164945caa334de643f232bb21589d4119e2968af50521766839ed4e901f007b32d887f92967d1c2e56d0fa1fe73c83504c8ef71691346c46
SSDEEP: 24576:+3X2NyxIh7h1Sxj9naJQ2oo63n1v/pu+k+woON:cGNAIRhsxj5o631v/pqPN
Tasks

Static task: static1
Behavioral task: behavioral1
  Sample: 9531d3bc145da5d871d5922508cfdf63.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 9531d3bc145da5d871d5922508cfdf63.exe
  Resource: win10v2004-20231215-en
Malware Config

Extracted family: redline
Botnet: @zenvolord
C2: 185.209.22.181:34925
Targets

Target: 9531d3bc145da5d871d5922508cfdf63 (1.1MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger