General
Target: 7d9837d308d96f96fc3b7fc68a7e4a933a1c4268a974e34629661dec50214832N
Size: 821KB
Sample: 241104-p5cq8azdme
MD5: 639d8042d16de28c65e78469e505a4e0
SHA1: 8382e873cf83e53adc9808d492010052375d194a
SHA256: 7d9837d308d96f96fc3b7fc68a7e4a933a1c4268a974e34629661dec50214832
SHA512: 9e5c3b437202b17c0d9c7d1fdb303c5402d5dc95ffea514e0ab61c3368d9f08c32bcbea1ef23e35ed32a60f1a6b574a30a6b79d2f95cc5c338a252d823b6086a
SSDEEP: 12288:iMrFy90iQyaEisqVQ2/SmB8sMySNPrr28fxpIN/tyBmUUBfAChHsvVp4DMJsW:PyxuEC/SecuEIuBzyfhkHJJsW
Static task: static1
Behavioral task: behavioral1
Sample: 7d9837d308d96f96fc3b7fc68a7e4a933a1c4268a974e34629661dec50214832N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
gigant
77.91.124.55:19071
Targets
Target: 7d9837d308d96f96fc3b7fc68a7e4a933a1c4268a974e34629661dec50214832N (821KB; hashes as listed under General)
- Detect Mystic stealer payload
- Mystic family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext