General
Target: 4904a716d64b1fbcb594794883e496ba.exe
Size: 2.0MB
Sample: 240107-yamsdacfer
MD5: 4904a716d64b1fbcb594794883e496ba
SHA1: cf8cd63cb4d7b03671f871e0ab4bfc85a5132dcf
SHA256: 0457f119d3d5dcb88bd5b27a4893208d8331132bbaeff3d4829aef7c590e8733
SHA512: 9a7cbcfa0105cb533e7325901bef26cf2e6798615b986b47170f5def35e8fd1ed126558335b309630e3ac58ed3c45ee70a2504bb30104facc148f7ec1ed6d49a
SSDEEP: 49152:L+26YxAfubBrDoCVYDbWvygK2pr4+XV9Fyh8VGNSAbhh7R:L+EWubBroRT6rthtGEUfR

Static task: static1
Behavioral task: behavioral1
Sample: 4904a716d64b1fbcb594794883e496ba.exe
Resource: win7-20231215-en

Malware Config
Extracted: redline
- YsamiLzt
- 185.172.129.61:52372
Targets
Target: 4904a716d64b1fbcb594794883e496ba.exe
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger