General
Target: 56203d10acb3cf9fcb6aa558da80baa0
Size: 645KB
Sample: 240112-ltgz1sedf8
MD5: 56203d10acb3cf9fcb6aa558da80baa0
SHA1: e6c3f65354331934a7fa97f73f27c43f9315169e
SHA256: 477dadb0b5ba2a88ae80d03b9c35a644baca79056f9f71876a043d9d5faf5654
SHA512: 5c450982e01123bfa7a96d579c73b0cd4e07f96bbdbfeaa2526f2bf731492cb065b989318f5591c75264669364d508e890e641cc772c306ee1e7f87d926ae024
SSDEEP: 6144:YvlT/McAK0o+mjgQrsSCC2gAg+caotTY9/jMxej1K5ULqUuW+gTY1muAirbd:YvlT/Mcjj
Static task: static1
Behavioral task: behavioral1
Sample: 56203d10acb3cf9fcb6aa558da80baa0.ps1
Resource: win7-20231215-en
Malware Config
Extracted
redline
4
talueratas.xyz:80
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext