General
-
Target
0cd611109bec333ed5816ccbef8225a3
-
Size
833KB
-
Sample
231230-dxfx5adhf6
-
MD5
0cd611109bec333ed5816ccbef8225a3
-
SHA1
545b07e30a24464f288a939f4c746ce12f84e42d
-
SHA256
1f782a66597bb9bf4ee3b600c2266926e5e339cea52c6d8de10a18c7c6168f56
-
SHA512
7204bcc6681b6f203136a95ff4c93ead7b4d2d38a0396c88e8d4e2a91028ccbaad44d8a928716b1946e5c2b985ac96c58d5be95060bacf23a543e81aaf90ea40
-
SSDEEP
24576:4FWQvjR3tG20JOdB02PRzgRS37dwnTp2qSteKan7Zo2qy5KUv7HcIcelJLjImJbE:sWQvjRtG28VPRS3JwnOiesbQIvJLjIox
Static task
static1
Behavioral task
behavioral1
Sample
0cd611109bec333ed5816ccbef8225a3.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
Red
135.181.235.99:80
Targets
-
-
Target
0cd611109bec333ed5816ccbef8225a3
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-