General
-
Target
3b9d70c67fb380eedcb5d04c6d3cc9b2
-
Size
2.0MB
-
Sample
240101-cjcswacea9
-
MD5
3b9d70c67fb380eedcb5d04c6d3cc9b2
-
SHA1
09766d3548390ee90f2b60492cba403871f1f082
-
SHA256
c87beae4bc69463608f2ada586a367e23f167062f6b3a25fb277a2a274dd72e1
-
SHA512
e1a28074a42639b4cdb70915a7bc36e37fa69dd4ce367842a1c7b65447d005dfc020ef0041df6401628e2210a62759b4baf43243697b03c60a219b52b804652a
-
SSDEEP
24576:qja+0QKT262+kJwdU+hJay4RBkzLVumLg5L1GlQNQ6qJ8nwWgCRI4MVATVbZ9ofC:qjaWm2Z+k6S+IE4mEtFNIffcVECb
Static task
static1
Behavioral task
behavioral1
Sample
3b9d70c67fb380eedcb5d04c6d3cc9b2.exe
Resource
win7-20231129-en
Malware Config
Extracted
redline
xxluchxx1
185.172.129.61:52372
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
SectopRAT payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-