General
-
Target
575cddd17ff8d7127e66797e14b82213
-
Size
2.0MB
-
Sample
240112-ymx4wafba5
-
MD5
575cddd17ff8d7127e66797e14b82213
-
SHA1
3a4524d531ad39fbebef2f8c5973aee350c79332
-
SHA256
8b57e63ca7ed0ec0c3c152ed8ff71fa6156664008df4e3f75a4cf56db2c44f41
-
SHA512
f674532cd7fa31f00f267c3c866ff0c1359aa0e3c18860db587263bdf4051408f98df500909c77badcc97998554092e9dae907fffd75fd912452af531c106938
-
SSDEEP
49152:SC82pr6Xm2TEalaSOO6mhSq0eVkLPxHUONG5hWY3KF:SCz6DEalaS96k0MkjbEGM
Static task
static1
Behavioral task
behavioral1
Sample
575cddd17ff8d7127e66797e14b82213.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
Ixori228
185.172.129.61:52372
Targets
-
Target
575cddd17ff8d7127e66797e14b82213
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
SectopRAT payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-