General
Target: 1f2f4b97cf33e38fd3673f203e663ae0
Size: 125KB
Sample: 231230-2xxsmsadg3
MD5: 1f2f4b97cf33e38fd3673f203e663ae0
SHA1: 691bce10f015d6b6c41656a2e6a249fde5dcc9a7
SHA256: 69121cc59905d374c6a35a13940e855a9c68344a740471d7769e845a8ca0efc8
SHA512: aa29dbcd36effe15d19bd06425fbe3044dc2727fe02977b6a3437cf6b6d54cd6c7416f1434d0875a2e5d7b66d9e4a12a72d6c50a652f1869863e87c0c04f0275
SSDEEP: 3072:ieYUmYrpIvqp+Wur9ftKLkvmt4XtgQ0Y+jneqW:iemYVEqp+WOf64XtgQ0YEnfW
Static task: static1
Behavioral task: behavioral1
Sample: 1f2f4b97cf33e38fd3673f203e663ae0.exe
Resource: win7-20231215-en
Malware Config
Extracted
redline
mix
135.181.175.182:10628
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext