General
-
Target
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174.exe
-
Size
1.1MB
-
Sample
241123-yna1qszlhj
-
MD5
ca506199875974723455db521eeb1ff6
-
SHA1
36d64546cdb602e32add35fa8daa87eea4edaffe
-
SHA256
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174
-
SHA512
9106166c18084a22c7f170ed7df9aa05e9de1ceb12bdc8959cf1c84dc7a7c00ebcd304b5237ea7c3202fe71adc64fa65cad2fdc1a5978de8bf492ae4367447e5
-
SSDEEP
24576:kbTxmHu/2G+2Bkuq6nR3WgTcPUT5sbJUnUQuVTGYjwmAHfT3ZSqWV:kbTxsu/SCWgYPaIUUdjtscV
Static task
static1
Behavioral task
behavioral1
Sample
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
@stanfordlzt
185.209.22.181:34925
-
auth_value
5a0918bd3e8ede8e02c8dd9d106a996d
Targets
-
-
Target
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174.exe
-
Size
1.1MB
-
MD5
ca506199875974723455db521eeb1ff6
-
SHA1
36d64546cdb602e32add35fa8daa87eea4edaffe
-
SHA256
7ba90995912893f3b4b360e27e22e72d658082fc6821452f26866e197a1c9174
-
SHA512
9106166c18084a22c7f170ed7df9aa05e9de1ceb12bdc8959cf1c84dc7a7c00ebcd304b5237ea7c3202fe71adc64fa65cad2fdc1a5978de8bf492ae4367447e5
-
SSDEEP
24576:kbTxmHu/2G+2Bkuq6nR3WgTcPUT5sbJUnUQuVTGYjwmAHfT3ZSqWV:kbTxsu/SCWgYPaIUUdjtscV
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Redline family
-
SectopRAT payload
-
Sectoprat family
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-