General
Target: 57cbb7d00cb27f844a3b794703617734
Size: 587KB
Sample: 240113-dd219aagbn
MD5: 57cbb7d00cb27f844a3b794703617734
SHA1: 636e852e6b75ecddca3cc8de5aecb088ab9328b0
SHA256: a3dcc6671290b07cb0b9f3fb57b347043d0e295628de1f378883114146842d4e
SHA512: bc254a63dbb01d633ccafd12f35a1ee69fd22d08cfa326b07a6a491535a5d4382e117db1e1b3746a31ccdf0700afbe9c9b9e24f2a015704d8c5ab4ec7592c06b
SSDEEP: 12288:bkjhC163C5eA1GorPwwBwEdLFdP/p6LKVHbO/UqV:zwE13p
Static task
static1
Behavioral task
behavioral1
Sample
57cbb7d00cb27f844a3b794703617734.exe
Resource
win7-20231215-en
Malware Config
Extracted
redline
installzo
185.186.142.245:1778
Targets
Target
57cbb7d00cb27f844a3b794703617734
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext