General
Target: 916a6f1bb094aaac72113f36853d2dae
Size: 404KB
Sample: 231226-1w5w7adfdj
MD5: 916a6f1bb094aaac72113f36853d2dae
SHA1: a1c66603a24baa57fb1d4d8d9d8d7bf2a3840bb6
SHA256: bf66b9c7e3b1905ad96a528a89e2216ae28f090e20d30f3ee6f2787e17ad1960
SHA512: bb185aed5c2e53c407e80006abeb11b3b9339169578d7d1370b22a72a4d9aab63f840ebd20c8839c1a453db9766d325bd8b543afc6ae0abb24a0cf5155d7a51d
SSDEEP: 6144:MEu3SOig5G3txkE9gt+MNbh/9Ercvk4TbAerf53Alc1LjaaIWXlqyw3KI:MEu7D5IXkE9gt+qHnR0lylqCI
Static task
static1
Behavioral task
behavioral1
Sample
916a6f1bb094aaac72113f36853d2dae.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
10
lllwyerxedo.xyz:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext