General
Target: sample3.exe
Size: 556KB
Sample: 240407-cma4fsac6w
MD5: ea26fcaf8903da1bfe21acecc33c2603
SHA1: 951fd85f29b0182dc4b7358d1f7f6e604b63a1c8
SHA256: 00971cb6265f2b6ec80830e5bd41ed8f6df0102fd99fdc23f7dfef3d2a28ac46
SHA512: f738729ac579c06ec8e19be352ce5c131d3c225c2307a6068dd2e11bff3d95139b7b33fb274fcb871d2c20f31210a2f2defd469f8a91d7d62b7582adbaed2ca7
SSDEEP: 12288:nglfloOJRYWq9DcElgYP4krKTIG/YZRIIhqsDGK30oQup4AHz:etoOJbWcIgYgkWZYL9tkqnz
Static task: static1
Behavioral task: behavioral1
Sample: sample3.exe
Resource: win7-20240220-en (analysis VM image)
Malware Config
Extracted family: redline
Botnet: Roly
C2: 91.92.248.117:65012
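The extracted configuration above gives one concrete network IOC. The following is an added example (not part of this report or of any sandbox tooling) showing how a practitioner would turn that `host:port` value into a validated indicator, render a Suricata alert for it, and match it against connection records. The Zeek conn.log-style rows are constructed for the example; the Suricata `sid` is an assumed local value.

```python
"""Turn the extracted RedLine C2 into a validated IOC, a Suricata rule, and a log match (added example)."""
import ipaddress

# Value exactly as it appears in the report's Malware Config block.
REDLINE_C2 = "91.92.248.117:65012"

# Constructed Zeek conn.log-style rows (tab separated) for the demonstration.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1712478001.1\tCx1\t10.0.0.5\t49812\t91.92.248.117\t65012\ttcp
1712478002.4\tCx2\t10.0.0.5\t49813\t91.92.248.117\t443\ttcp
1712478003.9\tCx3\t10.0.0.7\t49990\t91.92.248.117\t65012\ttcp
1712478004.0\tCx4\t10.0.0.9\t51000\t142.250.72.14\t443\ttcp
""".splitlines()


def parse_c2(value: str):
    """Split a 'host:port' C2 string into a validated (ip, port) pair.

    Raises ValueError for a missing port, a non-IP host, or a port out of range,
    so a malformed config field never silently becomes a bad indicator.
    """
    host, sep, port_str = value.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 value: {value!r}")
    ip = ipaddress.ip_address(host)  # ValueError on anything that is not an IP literal
    port = int(port_str)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port


def is_valid_c2(value: str) -> bool:
    """Convenience wrapper: True if parse_c2 accepts the value."""
    try:
        parse_c2(value)
        return True
    except ValueError:
        return False


def suricata_rule(ip: str, port: int, sid: int) -> str:
    """Render an outbound-connection alert for the C2 endpoint.

    The sid is an assumed local value; pick one from your own reserved range.
    """
    return (
        f"alert tcp $HOME_NET any -> {ip} {port} "
        f'(msg:"RedLine Stealer C2 connection (botnet Roly)"; '
        f"flow:to_server; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


def match_conn_log(lines, ip: str, port: int):
    """Return conn.log-style rows whose responder host and port equal the C2.

    Assumed column order: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto.
    Comment/header lines and short rows are skipped.
    """
    hits = []
    for line in lines:
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        resp_h, resp_p = fields[4], fields[5]
        if resp_h == ip and resp_p == str(port):
            hits.append(line)
    return hits


if __name__ == "__main__":
    c2_ip, c2_port = parse_c2(REDLINE_C2)
    print(suricata_rule(c2_ip, c2_port, 9000001))
    for row in match_conn_log(SAMPLE_CONN_LOG, c2_ip, c2_port):
        print("C2 hit:", row)
```

Matching on both the address and the non-standard port keeps the rule specific; the second sample row (same host, port 443) is deliberately not a hit, because a shared hosting address on a common port is a weaker indicator than the exact C2 endpoint from the config.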
Targets
- sample3.exe (556KB; hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload: co-fires with the RedLine payload match on this sample; with a RedLine C2 configuration successfully extracted, RedLine is the better-supported attribution.
- Checks computer location settings: looks up the country code configured in the registry, most likely a geofence (stealers of this type commonly abort when the configured locale is in the CIS).
- Suspicious use of SetThreadContext: consistent with process hollowing, in which the unpacked payload is written into a suspended process and the main thread's context is redirected to the new entry point.
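To see which process performed the country-code lookup flagged above, and what value it got back, an analyst can filter a Procmon export for reads of the GeoID registry value. The following is an added example (not code from this report or from the sandbox); it assumes the signature refers to the `HKCU\Control Panel\International\Geo\Nation` value and that the input is Procmon's standard CSV export. The CSV rows and the small GeoID lookup table are constructed for the example.

```python
"""Find the registry country-code (GeoID) lookup in a Procmon CSV export (added example)."""
import csv
import io

# Assumed: the "Checks computer location settings" signature refers to reads of this value.
GEO_NATION_SUFFIX = "\\control panel\\international\\geo\\nation"

# Small subset of Microsoft GeoID values, used only to decode the Detail column.
GEOID_NAMES = {203: "Russia", 241: "Ukraine", 29: "Belarus", 137: "Kazakhstan", 244: "United States"}

# Constructed Procmon CSV export (standard column headers) for the demonstration.
SAMPLE_PROCMON_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample3.exe","3124","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:01:02.2","sample3.exe","3124","RegQueryValue","HKCU\Control Panel\International\LocaleName","SUCCESS","Type: REG_SZ, Length: 12, Data: en-US"
"10:01:03.0","explorer.exe","1880","RegQueryValue","HKCU\Control Panel\Desktop\Wallpaper","SUCCESS","Type: REG_SZ, Length: 40, Data: C:\Users\user\wp.jpg"
"10:01:05.3","sample3.exe","3124","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","NAME NOT FOUND","Length: 144"
'''


def _parse_geoid(detail: str):
    """Extract the numeric GeoID from a Procmon Detail string like
    'Type: REG_SZ, Length: 8, Data: 203'; None if there is no Data field."""
    for part in detail.split(","):
        key, _, value = part.strip().partition(":")
        if key.strip() == "Data":
            try:
                return int(value.strip())
            except ValueError:
                return None
    return None


def geofence_probes(procmon_csv: str):
    """Return one record per RegQueryValue of the GeoID value, in file order.

    Each record carries the process, PID, Procmon result, the raw GeoID (None if
    the read failed or returned non-numeric data) and a decoded country name.
    """
    hits = []
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if row["Operation"] != "RegQueryValue":
            continue
        if not row["Path"].lower().endswith(GEO_NATION_SUFFIX):
            continue
        geoid = _parse_geoid(row["Detail"])
        hits.append({
            "process": row["Process Name"],
            "pid": int(row["PID"]),
            "result": row["Result"],
            "geoid": geoid,
            "country": GEOID_NAMES.get(geoid, "unknown"),
        })
    return hits


def probing_processes(procmon_csv: str):
    """Distinct (process name, PID) pairs that read the GeoID value."""
    return sorted({(h["process"], h["pid"]) for h in geofence_probes(procmon_csv)})


if __name__ == "__main__":
    for hit in geofence_probes(SAMPLE_PROCMON_CSV):
        print(hit)
```

A failed read (the `NAME NOT FOUND` row) is still reported: a sample that probes the value and then proceeds tells you the geofence is not a hard gate on that image, which matters when deciding whether to re-detonate under a CIS locale to observe the bail-out path.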