General
-
Target
1a579c3c244c6d61a663d33552b5057b
-
Size
1.0MB
-
Sample
231225-nfgs7sdee8
-
MD5
1a579c3c244c6d61a663d33552b5057b
-
SHA1
8f8cad540acbc396c5fdca0f445af7af0bd4df89
-
SHA256
657ed0632158da9edb4f46a8086e9ec6167c332dc89e6a106e7891577845f574
-
SHA512
d68b8e6b5259f1664e83420fe0a6ff5e0bbe8bf15be432e427d25a16717a967c52a17dea289ac3072094c18f9655d47916c37054f4fbcb113af950deff07c3e6
-
SSDEEP
24576:XCla/6N1I2rXccaMf+VpfPQy2i9XKtG6y4gs:ylk6N1JQ9M63j0/
Static task
static1
Behavioral task
behavioral1
Sample
1a579c3c244c6d61a663d33552b5057b.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
WW
boterov.com:58198
Targets
-
-
Target
1a579c3c244c6d61a663d33552b5057b
-
Size
1.0MB
-
MD5
1a579c3c244c6d61a663d33552b5057b
-
SHA1
8f8cad540acbc396c5fdca0f445af7af0bd4df89
-
SHA256
657ed0632158da9edb4f46a8086e9ec6167c332dc89e6a106e7891577845f574
-
SHA512
d68b8e6b5259f1664e83420fe0a6ff5e0bbe8bf15be432e427d25a16717a967c52a17dea289ac3072094c18f9655d47916c37054f4fbcb113af950deff07c3e6
-
SSDEEP
24576:XCla/6N1I2rXccaMf+VpfPQy2i9XKtG6y4gs:ylk6N1JQ9M63j0/
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Suspicious use of SetThreadContext
-