General
Target: 8a1995805ad65999ec546a1074ac9887
Size: 1.6MB
Sample: 240202-vylcnsbcd3
MD5: 8a1995805ad65999ec546a1074ac9887
SHA1: 11d5589ca5ebb127ea57b89ee5da89e0b64fa4c6
SHA256: 2040517dac0b553d4a589bb8c14ca4329022e0ce5e5d0ef0f2c08a2deb10fb5b
SHA512: cad4e187956e4db24d291ea725caf89439440eb97ebe9fa76438b76ada66ecc01a4143bf688c6506ec5148c79338e7f581305d2cb8ad17552c558c62706ae777
SSDEEP: 24576:HK+3Ydk145I7qRZPNHNtlGkrmwRGPoN7vdiTbnFMI3YqQl55T:HK+I045xRVNXUIm/PoiMIov
Static task: static1
Behavioral task: behavioral1
Sample: 8a1995805ad65999ec546a1074ac9887.exe
Resource: win7-20231215-en
Malware Config
Extracted
redline
mastif
91.121.146.23:9519
Targets
-
-
Target
8a1995805ad65999ec546a1074ac9887
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Suspicious use of SetThreadContext
-