General
-
Target
3281b413f5ac5a8fee61bdb8c438125c
-
Size
130KB
-
Sample
231231-mexbtsebf3
-
MD5
3281b413f5ac5a8fee61bdb8c438125c
-
SHA1
3f7e66b7448903edcc186a05e12587773ce5a8ee
-
SHA256
da31f9ecdd585fb6b71dd78574398e411971f45b3ad763dc232176162f8a2b1e
-
SHA512
b062a395d1f593525aa6a8f8bb631ff0b803ead532239e6cdad28d414fc0790289d5936bd9c05dbd2a617c97edb35aa591bf30d803b2cbfda65ed09bea10291a
-
SSDEEP
3072:1tbbDCA7073IDVl+2rTKFHQOlTXkKfI7SCnNkK1jQoA:eGeIDVlvrT/Ol7ELNkK1jQ
Static task
static1
Behavioral task
behavioral1
Sample
3281b413f5ac5a8fee61bdb8c438125c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3281b413f5ac5a8fee61bdb8c438125c.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
build
45.67.231.50:7452
Targets
-
-
Target
3281b413f5ac5a8fee61bdb8c438125c
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-