General

  • Target

    Panel.exe

  • Size

    9.3MB

  • Sample

    241224-xzwwxavmdm

  • MD5

    f4e19b67ef27af1434151a512860574e

  • SHA1

    56304fc2729974124341e697f3b21c84a8dd242a

  • SHA256

    c7a8709013ada38fc2e1ceb3b15631f2aea8e156eb3f0aa197e02df1259a493a

  • SHA512

    a92e73d58c51bb74618987f06166f52a65ed1525410aec1b8e377ea8547c1123e313e13e305310f7a750c4561756d87ff558670bf4df8b62ea874d6f7c14ca77

  • SSDEEP

    196608:mJQaPHrQqXs140qMhu8369sV+HLz9SKUeNdDhHidVI1SM52n3iWuUZ/c1sxXoP3p:mJQaPHrQqXs140qMhu8369sV+HLz9SKI

Score
10/10

Malware Config

Targets

    • Target

      Panel.exe

    • Size

      9.3MB

    • MD5

      f4e19b67ef27af1434151a512860574e

    • SHA1

      56304fc2729974124341e697f3b21c84a8dd242a

    • SHA256

      c7a8709013ada38fc2e1ceb3b15631f2aea8e156eb3f0aa197e02df1259a493a

    • SHA512

      a92e73d58c51bb74618987f06166f52a65ed1525410aec1b8e377ea8547c1123e313e13e305310f7a750c4561756d87ff558670bf4df8b62ea874d6f7c14ca77

    • SSDEEP

      196608:mJQaPHrQqXs140qMhu8369sV+HLz9SKUeNdDhHidVI1SM52n3iWuUZ/c1sxXoP3p:mJQaPHrQqXs140qMhu8369sV+HLz9SKI

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks