General
Target: 348ec113dac9d1ad8c37ed33efb9e98d
Size: 1013KB
Sample: 231231-np964sffaq
MD5: 348ec113dac9d1ad8c37ed33efb9e98d
SHA1: 0155e7ee208657b1970d4d6e42d1f18096eb4fbe
SHA256: f1199e5b5953534ddbb788d136dd99e6c1d20698458afc9c01b70972b2b3b9af
SHA512: 54fa4c4defecdd3b11a95600d4806d1be8350424f146dd82c929a398d44a5c962fd711566f454551eeb53c1bbfc8d74b8e175fe541fce0bcbf9ab06106296de8
SSDEEP: 24576:cT3oblY5lxt9Yi/+eX+ZGfJglBBK2xfLT:cT3KlkxtaeOZGfJgDBK2tH
Behavioral task
behavioral1
Sample
348ec113dac9d1ad8c37ed33efb9e98d.exe
Resource
win7-20231129-en
Malware Config
Extracted
redline
10
wemakeclay.xyz:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-