General
Target: 001919e17b2e2fee7b74dd6058658047
Size: 370KB
Sample: 231229-wr35ksaha9
MD5: 001919e17b2e2fee7b74dd6058658047
SHA1: 482f4e7165e97eee550f12d2ba5e48f407580172
SHA256: 8c827810f02e75f07007ed562147c79d8c4cc1ed448d365b3a198a4f318cfa0f
SHA512: 81906315de87b82a1d8e0de59556cb1d5a2e0c4fa4547ef2827bf96a0a99e0b41469d0ca9d62f405af7243b8d1745370c52838363a9389584e9e7cb8200960eb
SSDEEP: 6144:g6M4Ry8+IWoa+eEuBCPBMCmi/3dz3OBE7Caok+ceM:pM4EDIWoa+eEuBCPBMCmi/3dz3OBE7Cn
Static task: static1
Behavioral task: behavioral1
Sample: 001919e17b2e2fee7b74dd6058658047.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
sel22
salkefard.xyz:80
Targets
Target
001919e17b2e2fee7b74dd6058658047
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext