General
Target: 56f43b7aadd2ecb4dd9e5b29e155879c
Size: 1.4MB
Sample: 240112-tz97raccf8
MD5: 56f43b7aadd2ecb4dd9e5b29e155879c
SHA1: dbb31825f23738a271a8c15743aa6db8cca47665
SHA256: 503adcbbdd31b1398aa676a524163a5f4fc342b2722da40c20a422fcd926d345
SHA512: 0210a7f1917e541ff5d48f277810532f0515e376d291b8f1e0848eff740b8a770e965333d005b9646c794edceb6154b0bd5c1f6618522b238ec621af4e53e3e8
SSDEEP: 24576:e00F8WjlFjzkp7D8056p+R2SDrT3RRimyrRWBGFGI0EqduKU0Y6xtxrukomfk6P0:exF8WjlFjzkp7D8051533r4GGgIFqduN
Static task: static1
Behavioral task: behavioral1
Sample: 56f43b7aadd2ecb4dd9e5b29e155879c.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
Fonti
87.251.71.78:80
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-