General
Target: c10ec00b705127a3a8d46720a73da6159d6e439ea2e77afefcc553a7048ed7f7
Size: 1.4MB
Sample: 240527-lasbmsfh45
MD5: 17a6d200d50f8d0e1a00ea92b39cf5d2
SHA1: 05df02b09e6ada8e6297cb75063676eeaac7a2f7
SHA256: c10ec00b705127a3a8d46720a73da6159d6e439ea2e77afefcc553a7048ed7f7
SHA512: 93eab210a526f4f16b94ae9719daed641685522523e3de83ea82889f0eb843e60dcb32413f47972362fb4586453505447ab48299fbe0bcef5611eb3c4d97e057
SSDEEP: 24576:+TbBv5rUlIQgfYJh3heKpxGohXxU9Yi3e/9KSwcE3AXo2t+/1DwnzuLrk/:ABRQggJL3AohXxIY6eFREQSZKu8
Static task: static1
Behavioral task: behavioral1
Sample: c10ec00b705127a3a8d46720a73da6159d6e439ea2e77afefcc553a7048ed7f7.exe
Resource: win7-20240215-en
Malware Config
Extracted
redline
cheat
95.163.213.182:29413
Targets
Target: c10ec00b705127a3a8d46720a73da6159d6e439ea2e77afefcc553a7048ed7f7
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger