General
Target: 2108b6d4b4a78e2a094fd01a0f666c92cf59feda
Size: 2.5MB
Sample: 241110-gl4ftstqck
MD5: 6bb490266fde82840d4fc318d69101ba
SHA1: 2108b6d4b4a78e2a094fd01a0f666c92cf59feda
SHA256: 5141965861b8f6963059b5f02a895e53339db50be33901bd052c323bcd5dc16a
SHA512: efb1737a04290f07102cc209fbefa3923c78be3ca7cb4eba57f3e91872b5ca506860b72e1f14cedaecca2cbed8e60ad4059b59b7fd91eedcccab705647182160
SSDEEP: 24576:FU8cmx/CVYPp4mKR4YDYdhFCsSMeJfU3dxtp4HIbTK5rbEJ+2JL7iFtMl3RuQ55A:+8/hCVYqmKFenCrbEJ+2JPoMl3U
Static task: static1
Behavioral task: behavioral1 (sample 2108b6d4b4a78e2a094fd01a0f666c92cf59feda.exe, resource win7-20241023-en)
Behavioral task: behavioral2 (sample 2108b6d4b4a78e2a094fd01a0f666c92cf59feda.exe, resource win10v2004-20241007-en)
Malware Config
Extracted
Family: redline
Botnet: 1652085892
C2: 79.137.192.6:8362
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- SectopRAT payload
- SectopRAT family (SectopRAT, also tracked as ArechClient2, shares code with RedLine, so both family tags firing on one sample is expected and does not indicate two separate payloads)
- Uses the VBS compiler for execution (vbc.exe, the Visual Basic .NET compiler shipped with the .NET Framework, is used as the host process for the injected payload)
- Suspicious use of SetThreadContext (calling SetThreadContext on a thread of another process is the final step of process hollowing: the entry point of the suspended host is redirected to the written-in payload. Together with the vbc.exe signature this indicates the stealer runs inside vbc.exe rather than in the sample's own process, so host-based detection should key on vbc.exe launched from an unexpected parent and on the C2 connection, not only on the dropper's hash)
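The indicators above (file hashes, C2 address, and the vbc.exe hollowing pattern) can be turned into a small triage check. The following is an added example and not part of the sandbox report or any tool it came from; the hashes and the C2 are taken from the report, while the event schema (one flat dict per event, loosely modelled on Sysmon process-creation and network-connection records), the list of legitimate vbc.exe parents, and the sample events are assumptions constructed for this example. The hash rule only matches this exact file; the C2 rule and the vbc.exe-parent rule are the ones that survive a repacked sample.

```python
"""Match the RedLine indicators from the report against simplified telemetry.

Added example (not part of the sandbox report). The event format, the
EXPECTED_VBC_PARENTS list and SAMPLE_EVENTS are assumptions made for this
example; only the hashes and the C2 address come from the report."""

import hashlib

# Indicators from the report (the SHA1 doubles as the target name).
IOC_HASHES = {
    "md5": "6bb490266fde82840d4fc318d69101ba",
    "sha1": "2108b6d4b4a78e2a094fd01a0f666c92cf59feda",
    "sha256": "5141965861b8f6963059b5f02a895e53339db50be33901bd052c323bcd5dc16a",
}
C2_HOST, C2_PORT = "79.137.192.6", 8362

# Assumption for this example: parents from which vbc.exe is legitimately
# launched (a build toolchain). Anything else is worth a look, because the
# report shows the sample using the VB.NET compiler as its execution host.
EXPECTED_VBC_PARENTS = {"msbuild.exe", "devenv.exe", "dotnet.exe", "csc.exe"}


def file_hashes(data: bytes) -> dict:
    """Compute the hash types the report lists so a local file can be compared."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def hash_matches(data: bytes) -> list:
    """Return the IOC hash types a blob matches (empty list means no match)."""
    computed = file_hashes(data)
    return [algo for algo, known in IOC_HASHES.items() if computed[algo] == known]


def match_event(event: dict) -> list:
    """Return (rule, detail) findings for one telemetry event."""
    findings = []
    kind = event.get("type")
    if kind == "process_create":
        image = event.get("image", "").rsplit("\\", 1)[-1].lower()
        parent = event.get("parent_image", "").rsplit("\\", 1)[-1].lower()
        # Rule 1: the launched image is the known sample (exact-hash match only).
        for algo in ("md5", "sha1", "sha256"):
            h = event.get(algo)
            if h and h.lower() == IOC_HASHES[algo]:
                findings.append(("known_sample_hash", f"{algo}={h}"))
                break
        # Rule 2: vbc.exe started by something that is not a build tool is the
        # observable side of the hollowing the report flags via SetThreadContext.
        if image == "vbc.exe" and parent not in EXPECTED_VBC_PARENTS:
            findings.append(("vbc_unexpected_parent", f"parent={parent or '?'}"))
    elif kind == "network_connect":
        # Rule 3: any connection to the extracted C2 endpoint.
        if event.get("dst_ip") == C2_HOST and int(event.get("dst_port", 0)) == C2_PORT:
            findings.append(("redline_c2", f"{C2_HOST}:{C2_PORT}"))
    return findings


def scan(events: list) -> list:
    """Run every event through match_event; return (event id, rule, detail) tuples."""
    out = []
    for ev in events:
        for rule, detail in match_event(ev):
            out.append((ev.get("id"), rule, detail))
    return out


# Constructed sample telemetry (not real logs) in the assumed schema.
SAMPLE_EVENTS = [
    {"id": 1, "type": "process_create",
     "image": r"C:\Users\u\Downloads\2108b6d4b4a78e2a094fd01a0f666c92cf59feda.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "sha256": "5141965861b8f6963059b5f02a895e53339db50be33901bd052c323bcd5dc16a"},
    {"id": 2, "type": "process_create",
     "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Users\u\Downloads\2108b6d4b4a78e2a094fd01a0f666c92cf59feda.exe"},
    {"id": 3, "type": "network_connect",
     "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "dst_ip": "79.137.192.6", "dst_port": 8362},
    {"id": 4, "type": "process_create",  # benign: vbc.exe under a build tool
     "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Program Files\dotnet\dotnet.exe"},
    {"id": 5, "type": "network_connect",  # benign: unrelated HTTPS traffic
     "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dst_ip": "93.184.216.34", "dst_port": 443},
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(hit)
```

Running the block flags events 1, 2 and 3 and leaves the benign vbc.exe build invocation and the Firefox connection alone. To check a file on disk against the report, read it as bytes and pass it to hash_matches; a mismatch on all three hashes means only that this exact dropper is absent, not that the host is clean.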