General
Target: f0df5df5ce6a9b30e503f37c607fb2c5
Size: 173KB
Sample: 231228-xpx18aagfk
MD5: f0df5df5ce6a9b30e503f37c607fb2c5
SHA1: b90993036902c7ad8ba398f353744c6569ac188f
SHA256: d9a0f971284c2e673321dcd15798e41b171d5258680d33de5e68d1831bf18b71
SHA512: e6d5446bc37e89cc362fa975684595233ba7ddf81811bb1e1f02ab376a90dcca6221f26c8b8b5f6c1da91df20bd6aa7838f9b2e91a7d5193116029bef23ff046
SSDEEP: 3072:ZOdiUhRqYzYROidz2q8QuAQaG/nKlTSMhlrR1NMKaK+LqmmmmoqbSDI:ZOHWdyq+AQaG/nKsMhlRpLUwmI
Static task: static1
Behavioral task: behavioral1
Sample: f0df5df5ce6a9b30e503f37c607fb2c5.exe
Resource: win7-20231215-en
Malware Config
Extracted
redline
pro2
95.217.122.120:8374
Targets
Target
f0df5df5ce6a9b30e503f37c607fb2c5
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext