General
Target: 5ce1584ca310c989f7bfe7358d1a56d4
Size: 1.1MB
Sample: 231226-je138sdhc3
MD5: 5ce1584ca310c989f7bfe7358d1a56d4
SHA1: c49023e8d755006f88f1fa91bae48cfce293771d
SHA256: 963ab33417baa5d1fe1541f063a044651c1bab0cd8d6e05f7d9d5fa3c06c22fb
SHA512: 7211ca509c8cc1c3500602f83c867a7dcf195a7c3dcce38d2a8ebeb6d4452932fd8d1e1a6e08627ee336c9ed124e7a5a3ed407eeb771d260abd9598c0d3e5c6c
SSDEEP: 24576:3XWq27ow8C85++pmgBmCmTOUd+L6kjX01UFsL3Xd0qY:nJ27orZvmCm6Ud+zjkBX5
Static task: static1
Behavioral task: behavioral1
Sample: 5ce1584ca310c989f7bfe7358d1a56d4.exe
Resource: win7-20231215-en
Malware Config
Extracted
redline
White
185.215.113.62:51929
Targets
Target: 5ce1584ca310c989f7bfe7358d1a56d4
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Suspicious use of SetThreadContext
-