General
-
Target
a186a0ef26742808b75c2ef534ece63c
-
Size
390KB
-
Sample
231227-d6x8rsgcgm
-
MD5
a186a0ef26742808b75c2ef534ece63c
-
SHA1
d79062c6c9c039831e54c88fb67cd64e8146048c
-
SHA256
18bc677465a6195706664788be8d88acd5cfd4abdad074aa1e1f0b2fbfed2b76
-
SHA512
f5d2304750011a920bf1c219185bf9963fb47ab52e1fec96ce98cd15853fe6b592356b638f2f3628d3f5a1a45c47e85db1fb2d5a00a85840ad3e296ff130c21b
-
SSDEEP
12288:oM4EDIWoa+eEuBzLWsfY4jtc2u3OZH7CaokX20m5a:bf
Static task
static1
Behavioral task
behavioral1
Sample
a186a0ef26742808b75c2ef534ece63c.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
Liez
liezaphare.xyz:80
Targets
-
-
Target
a186a0ef26742808b75c2ef534ece63c
-
Size
390KB
-
MD5
a186a0ef26742808b75c2ef534ece63c
-
SHA1
d79062c6c9c039831e54c88fb67cd64e8146048c
-
SHA256
18bc677465a6195706664788be8d88acd5cfd4abdad074aa1e1f0b2fbfed2b76
-
SHA512
f5d2304750011a920bf1c219185bf9963fb47ab52e1fec96ce98cd15853fe6b592356b638f2f3628d3f5a1a45c47e85db1fb2d5a00a85840ad3e296ff130c21b
-
SSDEEP
12288:oM4EDIWoa+eEuBzLWsfY4jtc2u3OZH7CaokX20m5a:bf
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-