General
-
Target
ocHcxXqIvZbjJ5SjBH0EkE2Y.exe
-
Size
1.2MB
-
Sample
240712-vv41lssgkn
-
MD5
44c355ae8cc3ecc4a95b5716fb9635fd
-
SHA1
f4d46438cad6fac2be4fb08cf6972a8306e5e12a
-
SHA256
f77f16151eb30569f7f1276063f67100c6ad439fde9d07605c5ae5e0c9eb8b7d
-
SHA512
46ab10861ff330796bd7e60c71e474ebb7a44d2000eea9d56c4fcc27d6b1e1c643996c91d6261f107aa5b86b3bbaf38c23be4705a6fcc3a587bd9d7422c7f259
-
SSDEEP
12288:2kYE2r670sGqlvG2Hbt5wzdoLTgN/p48azOzPxiDOZ3IHSrsZn8NxNZLAdXeUif8:VmElvGuXeULC
Static task
static1
Behavioral task
behavioral1
Sample
ocHcxXqIvZbjJ5SjBH0EkE2Y.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
ocHcxXqIvZbjJ5SjBH0EkE2Y.exe
Resource
win7-20240705-en
Behavioral task
behavioral3
Sample
ocHcxXqIvZbjJ5SjBH0EkE2Y.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
redline
1
37.0.8.88:44263
Targets
-
-
Target
ocHcxXqIvZbjJ5SjBH0EkE2Y.exe
-
Size
1.2MB
-
MD5
44c355ae8cc3ecc4a95b5716fb9635fd
-
SHA1
f4d46438cad6fac2be4fb08cf6972a8306e5e12a
-
SHA256
f77f16151eb30569f7f1276063f67100c6ad439fde9d07605c5ae5e0c9eb8b7d
-
SHA512
46ab10861ff330796bd7e60c71e474ebb7a44d2000eea9d56c4fcc27d6b1e1c643996c91d6261f107aa5b86b3bbaf38c23be4705a6fcc3a587bd9d7422c7f259
-
SSDEEP
12288:2kYE2r670sGqlvG2Hbt5wzdoLTgN/p48azOzPxiDOZ3IHSrsZn8NxNZLAdXeUif8:VmElvGuXeULC
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-