General
Target: b7e0e6eee5a65f1f18834da578203dcfcd8f12f87018c9664b8aada3677149e9
Size: 8.0MB
Sample: 220314-v77x2aceaj
MD5: 6447821eb35235f212dd5c080233f669
SHA1: 4a91a0de39e1f3abf4fa78fa087e299cc151a218
SHA256: b7e0e6eee5a65f1f18834da578203dcfcd8f12f87018c9664b8aada3677149e9
SHA512: dcae256ca5387391498c72419960a2d2e70714be6280bbf9a0201b3318c8e07a38b90d79074404667856bd3e6ba3e21828e49a19ac7a279725ca543814c34109
Static task: static1
Behavioral task: behavioral1
  Sample: b7e0e6eee5a65f1f18834da578203dcfcd8f12f87018c9664b8aada3677149e9.exe
  Resource: win7-20220310-en
Behavioral task: behavioral2
  Sample: b7e0e6eee5a65f1f18834da578203dcfcd8f12f87018c9664b8aada3677149e9.exe
  Resource: win10v2004-20220310-en
Malware Config
Extracted family: redline
Botnet: UPD
C2: 193.56.146.78:54955
Targets
Target: b7e0e6eee5a65f1f18834da578203dcfcd8f12f87018c9664b8aada3677149e9
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Loads dropped DLL