General
-
Target
e7bb292889efd98aceb4ad110cf7eb50N.exe
-
Size
688KB
-
Sample
240824-vjvb2asank
-
MD5
e7bb292889efd98aceb4ad110cf7eb50
-
SHA1
e3062e2cedb677fbe1198514b0b08d5fd047e7be
-
SHA256
b4b4b5dcb6a7cd47a52ae640673894c56f45a725d6a96a994239b9aa3f6f8ea8
-
SHA512
e9868267862774add8a1222f9094ff412ff45f3a9d0a18d5b075ec8b3feae138ddc498deb0ec49dde221cdcc08852affa99d7f7a5b6d6e3a83d1ad37b33d22ec
-
SSDEEP
12288:AMrAy90ieQqXGoefQDS53uBRElwo/CcPo34F/52GDTHo+xEbFW33:wyXKGoUx3uBRejowJTI9FM
Static task
static1
Behavioral task
behavioral1
Sample
e7bb292889efd98aceb4ad110cf7eb50N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
redline
kukish
77.91.124.55:19071
Targets
-
-
Target
e7bb292889efd98aceb4ad110cf7eb50N.exe
-
Detect Mystic stealer payload
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-