General
-
Target
184d122b490b7ddd40bb242632966c12
-
Size
210KB
-
Sample
231230-phmmxahff9
-
MD5
184d122b490b7ddd40bb242632966c12
-
SHA1
52eeebcb30a95c2ba34d6c9c82154bcd07e61bbc
-
SHA256
085a46a11e5f51719ad5621e6d3595befbb01ab0f7a88277a4e923e414d41700
-
SHA512
b226a77270a98676479c9e713dee35b5c3e28288d2d1e316dec7888d557579d9233808321e873d80b4fdb52deac19d049de1ee98c22577a40df27b628c0fe875
-
SSDEEP
3072:g+cs070z8krSQCRdEf9J862EnbWjHPVgbZqL8dQgLq2WqxrztDw:pcs07M8krSQC7Ex0HtyqwdQgLbrhw
Static task
static1
Behavioral task
behavioral1
Sample
184d122b490b7ddd40bb242632966c12.exe
Resource
win7-20231129-en
Malware Config
Extracted
redline
pro2
95.217.122.120:8374
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-