General
Target: Yc3OSkUSm5dLQY906NXrU_Xf.exe
Size: 589KB
Sample: 240712-v5k1gstbkp
MD5: 34c76bcc1506b513c7a1ac605c045c4e
SHA1: 271c6b3853e33e039242da7cf8f4465c48e90d2e
SHA256: 1e7f2339065e8a6909eea27f090499a1af6427d1563ceac0cd25c916c637d29d
SHA512: cb2170b5fa492dcb7df54cfd7f4ad94214de98face0f1710cbad749c79bf322ea1106ace723520486bdeabdf0aa2eefbf70dcc060d61fcda1124298225c36865
SSDEEP: 12288:fhdKHkwkYGXXRJRC7ijHRAWteLwnHdYnXQ6mr4ZFrUD:fzKYQv
Static task
static1
Behavioral task
behavioral1
Sample
Yc3OSkUSm5dLQY906NXrU_Xf.exe
Resource
win7-20240708-en
Malware Config
Extracted
redline
23.08
95.181.172.100:55640
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext