General
Target: f8ef4d4677aa86895d48bc1fc4e3955db7e59c93107e5588ed39edac25435826N
Size: 821KB
Sample: 241030-mdjdkszmgv
MD5: d041772bcb0d99fcb2920e2fc68a8b80
SHA1: 25c01049e5b270365058834d5cb0d4946bcccc11
SHA256: f8ef4d4677aa86895d48bc1fc4e3955db7e59c93107e5588ed39edac25435826
SHA512: f2356b7edac1969fa292d4cad18a5355acc67dcc7347745ff83eae19595cad883b5d41e84e977768a5627657b0d4ce48170e7afb2f22dce44a0c18b595122601
SSDEEP: 12288:JMrsy905ZMxOCAA2uXf6omB8sMyyNnrr2sfxpaNdtyDmzj99Z4b1/+ARQN:FymZ7CAEdeImwaADujq/HU
Static task: static1
Behavioral task: behavioral1
Sample: f8ef4d4677aa86895d48bc1fc4e3955db7e59c93107e5588ed39edac25435826N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
gigant
77.91.124.55:19071
Targets
Target: f8ef4d4677aa86895d48bc1fc4e3955db7e59c93107e5588ed39edac25435826N
- Detect Mystic stealer payload
- Mystic family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext