General
-
Target
65f02521e4d3d357608eb923fa6930f5
-
Size
378KB
-
Sample
231226-l416msceaj
-
MD5
65f02521e4d3d357608eb923fa6930f5
-
SHA1
bc8165197cb12767ac93bc49922d1c7c67e2eb6b
-
SHA256
e3fcc56bcfd2108829e5bbb481f260e31828c4a38d93bc1ac294b48cff7245cc
-
SHA512
ee933f281dcc69f1dcac7975627c289b443cf14e6feb4863f8397c19a37e11d2f51baba85be740d962cc8d31347e763e03e486460e78a74cea32ecc423d61243
-
SSDEEP
6144:R2whUfR1GfxfRT4ROvAK+VZtJTiKBsM4d0WOFUehGhwPgdFHoU1:NhsR1GfxfRT4YoK+VZtJTZBsM4d0WOFS
Static task
static1
Behavioral task
behavioral1
Sample
65f02521e4d3d357608eb923fa6930f5.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
777
185.203.243.131:27365
Targets
-
-
Target
65f02521e4d3d357608eb923fa6930f5
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-