General
Target: 571ec37bbc0a7b94c3a3829ee47e5bad
Size: 216KB
Sample: 240112-whfmxscghl
MD5: 571ec37bbc0a7b94c3a3829ee47e5bad
SHA1: ef44ce30e13c73e4b07e3067b1e2107fe8948d8b
SHA256: 459a684a6e6299ffbd967855a504ff2311cba4a8eccae192b1f4146cc3bf7382
SHA512: 6a9d95f3d47f1e2ef45db236efbb8bc265fdfb9979163c6e7d2f51fb204be4930fe06b1ba63047482b7c9f34d7cb72106178484fead7f332abea22d733aa84b6
SSDEEP: 3072:ktHnC1FHiLW9Oxi8uFbNUaBAICgV04WEyF5uXa0ToO/wumRE6Q14vmOw38a9Mm:kkmLBxczCmJyTu3p9OQ1qoYm
Static task: static1
Behavioral task: behavioral1 (Sample: 571ec37bbc0a7b94c3a3829ee47e5bad.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: 571ec37bbc0a7b94c3a3829ee47e5bad.exe, Resource: win10v2004-20231215-en)
Malware Config
Extracted
Family: redline
Botnet: Cryptex0816
C2: 185.92.73.140:80
Targets
Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext