General
-
Target
1b16e2191f359e9806db5568a00eb1e7
-
Size
832KB
-
Sample
231225-nns67sfaa3
-
MD5
1b16e2191f359e9806db5568a00eb1e7
-
SHA1
8df43890da67c141f89e4a1da6fa10175d53ed32
-
SHA256
c003b5c28f58332d5c54e5e63254594fecdc710089e63768aef5865bc2991710
-
SHA512
089da3c5f6e085df8ebd55aa1c651fbb46cecb3a2160aacaaf049355bb753eedcab77810c2aedc8a8e140cd3d2b41b6fafc4dc89847ead0a9e818fc008b74d4f
-
SSDEEP
24576:wq3RB1l/i4/dilP5w25WO8tK946122ZST:w7xwTxto4G228
Static task
static1
Behavioral task
behavioral1
Sample
1b16e2191f359e9806db5568a00eb1e7.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
Проверка
193.56.146.22:47861
Targets
-
-
Target
1b16e2191f359e9806db5568a00eb1e7
-
Size
832KB
-
MD5
1b16e2191f359e9806db5568a00eb1e7
-
SHA1
8df43890da67c141f89e4a1da6fa10175d53ed32
-
SHA256
c003b5c28f58332d5c54e5e63254594fecdc710089e63768aef5865bc2991710
-
SHA512
089da3c5f6e085df8ebd55aa1c651fbb46cecb3a2160aacaaf049355bb753eedcab77810c2aedc8a8e140cd3d2b41b6fafc4dc89847ead0a9e818fc008b74d4f
-
SSDEEP
24576:wq3RB1l/i4/dilP5w25WO8tK946122ZST:w7xwTxto4G228
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Suspicious use of SetThreadContext
-