General
Target: 5afa4c042d36ce71933b73b8386f2c1f
Size: 1.1MB
Sample: 240114-ma3caahbg2
MD5: 5afa4c042d36ce71933b73b8386f2c1f
SHA1: 1551d88396d1aa1defd7b996ae30b44c152bceb7
SHA256: 90398efa0eb70a688abafce9e5129f0237771127250e0f4ea12252daef0a1543
SHA512: 65cf5884fb4d60fdada268188f3c0c1179b6b610f4bbf7ca0112a9ab6ac2d1d0d440754b918b0dc3ad1b94ab4a9f77c9e669369cdb77e5297cfb4888bdac6453
SSDEEP: 24576:c1iXqJXom/9uFsvZgPTuVEDrVot6r3RB1dWrpXSjGElatXeFM:mqmqsxayKDru+3RrKXSSEktOFM
Static task: static1
Behavioral task: behavioral1
Sample: 5afa4c042d36ce71933b73b8386f2c1f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 5afa4c042d36ce71933b73b8386f2c1f.exe
Resource: win10v2004-20231222-en
Malware Config
Extracted
redline
@Rafael6666
185.206.215.216:80
Targets
Target
5afa4c042d36ce71933b73b8386f2c1f
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
SectopRAT payload
Suspicious use of NtSetInformationThreadHideFromDebugger