General
- Target: notorr.zip
- Size: 552KB
- Sample: 240708-kdflksshmd
- MD5: 8af5f2d545b6a178a36a278d09c88441
- SHA1: 60cec2dac90491d067c1495748ee9db83c5a5423
- SHA256: 0abf020d43ae848495fe586a97df3d1efece4ad9ccbbbe33dba8566db514ec96
- SHA512: 86fbb1751386ce3eec4ebfb0db5469a152d8cf2cb0be04f17e5ca46697d141f7011cfb9a460e8ef68e7bdf74cd97b7be893bfe8fe4aa91dec593aad055122519
- SSDEEP: 12288:BphBfG+wahFoNC6p1mRbaXyJL/PU4YDtcRw64ABCiMqN6GBy+O:vWC6p1NSjU7/a5bNlO
Static task
- static1

Behavioral task
- behavioral1
- Sample: b539acc51a48e2088f90ab0a82f60f38a784105712ef57542e8e1552a1c6aaad.exe
- Resource: win7-20240704-en
Malware Config
Extracted
- redline
- french
- 91.92.243.245:47477
Targets
- Target: b539acc51a48e2088f90ab0a82f60f38a784105712ef57542e8e1552a1c6aaad
- Size: 1.0MB
- MD5: 0a136df16d906821f105096987d43e11
- SHA1: 5b4478cabb9e3d2673643235aa1980df5b2ea671
- SHA256: b539acc51a48e2088f90ab0a82f60f38a784105712ef57542e8e1552a1c6aaad
- SHA512: 2f6b8014be9e4d2fc858fcf0b66690e3a6bc4dbd25ae7c52bd69c732dafa432b86ea6ffd45304d1fa9b58b8e6ee73ff6021a47b6158d0ea061f47c5590e812de
- SSDEEP: 24576:AAHnh+eWsN3skA4RV1Hom2KXMmHa5R3MeYTslWVNB5:3h+ZkldoPK8Ya5R8eYSWVt
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext