General
Target: f3fba1d1355dfc71fa48b1e730726f47
Size: 2.0MB
Sample: 231228-yl85rabcf2
MD5: f3fba1d1355dfc71fa48b1e730726f47
SHA1: e8ad228acbeb4ea96a49f518c80cf3fbb87e0ad0
SHA256: 0c5129f7ce0c2140caad284bd252dd57e0eb11eba4855540be8f8f8c992400a6
SHA512: ed0c1b71040e24bc6921f6837e842e1e18e939ef6ff00e144121d7a7c3ea2ad5a61b0e72fff20afb9c2345bba0d8633069dc3c28ed643dd571a59de5502ab8fb
SSDEEP: 49152:pI4U7g149h0826G8K3PNwir5zPd7mtfpubpnvaVfhm6t+8LdR:6E149C82XPn5zlkUbpvalTYGR
Static task: static1
Behavioral task: behavioral1
Sample: f3fba1d1355dfc71fa48b1e730726f47.exe
Resource: win7-20231215-en

Malware Config
Extracted
Family: redline
Botnet: xxluchxx1
C2: 185.172.129.61:52372
Targets
Target: f3fba1d1355dfc71fa48b1e730726f47
Size: 2.0MB
MD5: f3fba1d1355dfc71fa48b1e730726f47
SHA1: e8ad228acbeb4ea96a49f518c80cf3fbb87e0ad0
SHA256: 0c5129f7ce0c2140caad284bd252dd57e0eb11eba4855540be8f8f8c992400a6
SHA512: ed0c1b71040e24bc6921f6837e842e1e18e939ef6ff00e144121d7a7c3ea2ad5a61b0e72fff20afb9c2345bba0d8633069dc3c28ed643dd571a59de5502ab8fb
SSDEEP: 49152:pI4U7g149h0826G8K3PNwir5zPd7mtfpubpnvaVfhm6t+8LdR:6E149C82XPn5zlkUbpvalTYGR

RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of NtSetInformationThreadHideFromDebugger