General
-
Target
b6ff08d9ba3719f53ce0b1faac6e857b
-
Size
378KB
-
Sample
240306-kk7nmsfb8v
-
MD5
b6ff08d9ba3719f53ce0b1faac6e857b
-
SHA1
01d7cd7e3131cf1c983aac7399e61235031d43c4
-
SHA256
41304c1c586ec32aa4419c81090527cb7f811919174ffddac0f5a0a384cefb9a
-
SHA512
cce5b6bb59cfd511eed18095b4e5febed22999a75aa97be923edba379226f682fdc4b78286c86c4d7ae76dfd4e5e087a45de8003c5f44642785f160be4016d1e
-
SSDEEP
6144:6ylYjxhUfR1GdkJEYPJqtjnsC093bVgOwoM8G4nb:nchsR1GdkJE2JqxnsC093bVgOwoW4nb
Static task
static1
Behavioral task
behavioral1
Sample
b6ff08d9ba3719f53ce0b1faac6e857b.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
Focus1
135.148.139.222:33569
Targets
-
-
Target
b6ff08d9ba3719f53ce0b1faac6e857b
-
Size
378KB
-
MD5
b6ff08d9ba3719f53ce0b1faac6e857b
-
SHA1
01d7cd7e3131cf1c983aac7399e61235031d43c4
-
SHA256
41304c1c586ec32aa4419c81090527cb7f811919174ffddac0f5a0a384cefb9a
-
SHA512
cce5b6bb59cfd511eed18095b4e5febed22999a75aa97be923edba379226f682fdc4b78286c86c4d7ae76dfd4e5e087a45de8003c5f44642785f160be4016d1e
-
SSDEEP
6144:6ylYjxhUfR1GdkJEYPJqtjnsC093bVgOwoM8G4nb:nchsR1GdkJE2JqxnsC093bVgOwoW4nb
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-