General
-
Target
0c670f6ea327a67f469695c3352788d6
-
Size
979KB
-
Sample
231224-w9lcgshccr
-
MD5
0c670f6ea327a67f469695c3352788d6
-
SHA1
0a24d7d92b6dce9e1062e2ece00523356fa6eefc
-
SHA256
285787473588e955d279b9404b03ca843a2af300086b3a802a69434a5b5344c8
-
SHA512
1a54fe3c2a2fb946c47e762a5fcf4a66abda7f7faf8fe03790d7141ff64948174491030944a6b0007e54948276efa9b0184edbdf2866f34ce4fdeb41829a214f
-
SSDEEP
24576:IVYiV4/OGS1yc7nvZL76xyJ6b/qR4y/sM6pTXZ1Y3BEA74pf:niK7S13dL+b/qRIlpLZ1YxEA
Static task
static1
Behavioral task
behavioral1
Sample
0c670f6ea327a67f469695c3352788d6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0c670f6ea327a67f469695c3352788d6.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
1907721452
188.40.193.166:43180
Targets
-
-
Target
0c670f6ea327a67f469695c3352788d6
-
Size
979KB
-
MD5
0c670f6ea327a67f469695c3352788d6
-
SHA1
0a24d7d92b6dce9e1062e2ece00523356fa6eefc
-
SHA256
285787473588e955d279b9404b03ca843a2af300086b3a802a69434a5b5344c8
-
SHA512
1a54fe3c2a2fb946c47e762a5fcf4a66abda7f7faf8fe03790d7141ff64948174491030944a6b0007e54948276efa9b0184edbdf2866f34ce4fdeb41829a214f
-
SSDEEP
24576:IVYiV4/OGS1yc7nvZL76xyJ6b/qR4y/sM6pTXZ1Y3BEA74pf:niK7S13dL+b/qRIlpLZ1YxEA
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Looks for VMWare Tools registry key
-
Suspicious use of SetThreadContext
-