General
-
Target
e5e068221c86201cef673bfb25b68785d599fccb75e59970edeff9a2b3ab7963
-
Size
1.1MB
-
Sample
240707-fg975stgrq
-
MD5
661b490ece39543114d5dd156b6a96f8
-
SHA1
36c124a39300b7ff411d963637431c0c7baa4915
-
SHA256
e5e068221c86201cef673bfb25b68785d599fccb75e59970edeff9a2b3ab7963
-
SHA512
496ab96263145428849eed54cd2d9402b2ed1e1e983824f357f45cc3e1df6b447f8d8f6a8cbd168b3a67cb850aef27368542cb6343541796c2cecdc53f309f18
-
SSDEEP
12288:jIlFI5IrYmHzd17Gg0F86zdlDCQjijwzZjlW1wBwPWAY:jKxrYmTryh7DCwij2NlWOBw+AY
Static task
static1
Behavioral task
behavioral1
Sample
e5e068221c86201cef673bfb25b68785d599fccb75e59970edeff9a2b3ab7963.exe
Resource
win7-20240705-en
Malware Config
Extracted
redline
halle
194.55.186.180:55123
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-