General
Target: 87ca9079e307e48fa781b9c39f3e93fb
Size: 411KB
Sample: 240201-1363tshdgm
MD5: 87ca9079e307e48fa781b9c39f3e93fb
SHA1: 582c603d178aaa86caa4b6266d859c6e545a3f8f
SHA256: d2f3c8745cdfdc4df1c8b1162dc3f310f358cfb8410eacb5f9b82d82140ace24
SHA512: 9cc6ef9b09ff8f9de513bad648c3cb79582f1a3df01d61275ceae5a7df1f4d7adbc475c06bde4e87fc6f046a122c530c5b2ac9c888d0e663b57a59950c8b27c1
SSDEEP: 12288:CYVZ4rt++OjGlrN2Vis7mHxowcEKo1WdIcd:X4Zzj2Vz7x+Ko4dIcd
Static task: static1
Behavioral task: behavioral1
Sample: 87ca9079e307e48fa781b9c39f3e93fb.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
1
ynabrdosmc.xyz:80
Targets
Target: 87ca9079e307e48fa781b9c39f3e93fb
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext