General
Target: 589e206301d060e37e71eeb0aa958ff5
Size: 1.1MB
Sample: 240113-lt2pesgaek
MD5: 589e206301d060e37e71eeb0aa958ff5
SHA1: 39427e0a53c6250c28be93ce7ad1d45ff0c83d37
SHA256: 442f73c103785c32c0ccccff31ef1825bac78564548290a3e45308476cba4dd1
SHA512: 2c391a55186bfaa7a18fbdac44d564f0e5c02bd89e3a5cedff9e8427e0e1a3ba21bd147b81b1c56a19280c4f01a6747130fc0ed668bdc601723417b0d8dbc459
SSDEEP: 24576:1+rQaOizhRUzq/S9xmcSp8qSmmz4lRmrua3KfFrSb31:OnEq/YxS2Z+lRmrua7L1
Static task: static1
Behavioral task: behavioral1
Sample: 589e206301d060e37e71eeb0aa958ff5.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 589e206301d060e37e71eeb0aa958ff5.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
redline
@l_Like_a_Sir_l
45.12.212.178:35752
Targets
Target: 589e206301d060e37e71eeb0aa958ff5
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

SectopRAT payload

Suspicious use of NtSetInformationThreadHideFromDebugger