General
Target: 0ebc3c08d0e3b7f973466d55394119ac
Size: 2.1MB
Sample: 231230-e9mf4seedm
MD5: 0ebc3c08d0e3b7f973466d55394119ac
SHA1: b3d7002538eabcf551aa3bbf0b6cb555bea92acf
SHA256: 3d19304d7fcb0611b685274f7650b68dfc27646078e3ab20f6725d387700b783
SHA512: 20d0ded8e455397fbf8802b8fdca33ecd14d4387c4d3b12efe20dd6cb8b1167090686676679f8a0eeaf2772ae70470355b0f43cc3987ca6759160f1f9c47d57c
SSDEEP: 49152:FxSuM2y2BwWdXQ9kh83qmK+/d1xuuuRqWKiAvFN19v3ns:FIuM2TwWVGkh8rK+X88WKvvtXs
Static task: static1
Behavioral task: behavioral1
Sample: 0ebc3c08d0e3b7f973466d55394119ac.exe
Resource (analysis VM image): win7-20231215-en
Malware Config
Extracted
Family: redline
Botnet: Kurwa
C2: 65.21.90.212:6607
Targets
Target: 0ebc3c08d0e3b7f973466d55394119ac (2.1MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Signatures
RedLine: RedLine Stealer is a credential- and data-stealing malware family written in C# (.NET), first appearing in early 2020.
SectopRAT payload (also tracked as ArechClient2)
Suspicious use of NtSetInformationThread with ThreadHideFromDebugger (class 0x11): a thread marked this way stops delivering exceptions and debug events to an attached debugger, a common anti-analysis step.
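The two behavioural indicators above (the ThreadHideFromDebugger call and the C2 from the extracted config) as a small signature matcher over an API-call log. This is an added example, not the sandbox's own code: the log lines, their `pid=N api(arg=val, ...)` layout and the signature names are constructed for the example; the class value 0x11 and the C2 address are the only facts taken from the page.

```python
import re
from typing import Optional

# THREADINFOCLASS value for ThreadHideFromDebugger (0x11). A thread marked this
# way stops delivering debug events to an attached debugger, which is why the
# sandbox raises "Suspicious use of NtSetInformationThreadHideFromDebugger".
THREAD_HIDE_FROM_DEBUGGER = 0x11

# RedLine C2 as extracted in the report, as (host, port).
REDLINE_C2 = {("65.21.90.212", 6607)}

# Constructed API-call log in a generic "pid=N api(arg=val, ...)" layout.
# These lines are made up for the example; they are not the sandbox's output.
# 0xfffffffe is the GetCurrentThread() pseudo-handle; one line uses decimal 17
# for the class because loggers differ in how they print it.
SAMPLE_LOG = """\
pid=1640 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, ThreadInformation=0x0, ThreadInformationLength=0)
pid=1640 NtSetInformationThread(ThreadHandle=0x1a4, ThreadInformationClass=0x2, ThreadInformation=0x12ff00, ThreadInformationLength=4)
pid=1640 connect(Socket=0x2c8, Address=65.21.90.212, Port=6607)
pid=2200 connect(Socket=0x1f0, Address=93.184.216.34, Port=443)
pid=1640 NtSetInformationThread(ThreadHandle=0x1a4, ThreadInformationClass=17, ThreadInformation=0x0, ThreadInformationLength=0)
"""

LINE_RE = re.compile(r"^pid=(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$")


def parse_line(line: str) -> Optional[dict]:
    """Parse one log line into {'pid', 'api', 'args'}; return None for noise."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    args = {}
    for part in m.group("args").split(","):
        key, sep, val = part.partition("=")
        if sep:
            args[key.strip()] = val.strip()
    return {"pid": int(m.group("pid")), "api": m.group("api"), "args": args}


def as_int(value: str) -> Optional[int]:
    """Accept hex (0x11) or decimal (17); None if the field is missing/garbled."""
    try:
        return int(value, 0)
    except ValueError:
        return None


def sig_hide_from_debugger(call: dict) -> Optional[str]:
    """Flag NtSetInformationThread with ThreadInformationClass == 0x11."""
    if call["api"] != "NtSetInformationThread":
        return None
    cls = as_int(call["args"].get("ThreadInformationClass", ""))
    if cls != THREAD_HIDE_FROM_DEBUGGER:
        return None
    handle = call["args"].get("ThreadHandle", "?")
    return f"thread {handle} hidden from debugger (class 0x11)"


def sig_redline_c2(call: dict) -> Optional[str]:
    """Flag outbound connect() to the C2 extracted from the sample's config."""
    if call["api"] != "connect":
        return None
    host = call["args"].get("Address", "")
    port = as_int(call["args"].get("Port", ""))
    if (host, port) in REDLINE_C2:
        return f"connect to RedLine C2 {host}:{port}"
    return None


# Signature names are the example's own, not the sandbox's.
SIGNATURES = {
    "anti_debug_hide_thread": sig_hide_from_debugger,
    "redline_c2": sig_redline_c2,
}


def scan(log_text: str) -> list:
    """Run every signature over every parsed call; return hits in log order."""
    hits = []
    for line in log_text.splitlines():
        call = parse_line(line)
        if call is None:
            continue
        for name, check in SIGNATURES.items():
            detail = check(call)
            if detail:
                hits.append({"signature": name, "pid": call["pid"], "detail": detail})
    return hits


def summarize(hits: list) -> dict:
    """Count hits per signature, the shape a report's signature list carries."""
    counts = {}
    for hit in hits:
        counts[hit["signature"]] = counts.get(hit["signature"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for hit in found:
        print(f"[{hit['signature']}] pid {hit['pid']}: {hit['detail']}")
    print(summarize(found))
```

The class comparison goes through `as_int` rather than string matching so that `0x11` and `17` both trigger; the C2 match is exact on (host, port), so a defender extending this to the real log should add the port-agnostic form as a second, lower-confidence signature rather than loosen this one.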