General
-
Target
5824addc5cace9168fb18810a557998d
-
Size
2.3MB
-
Sample
240113-gj33aadbar
-
MD5
5824addc5cace9168fb18810a557998d
-
SHA1
f6578c7764eafd0f62027781e131e182cf840786
-
SHA256
fa6a68e4dff9c701b5a7e4d621dfd67dda338e2c1eae3180d69abae2b2abafcd
-
SHA512
fd5722eb620fb181ba19be493baa27baaf2a6556575ab6a15b31bdd184a0de88d8e3407c141a4e87c52f37b117d82444ef50c477cd2e0398cfdc8e24a705f4f8
-
SSDEEP
49152:M5+hFb9qaxBvTd8gNzZLNWT5VJtzFrzezgvGjo+WXxiz8lVHTIioOFZQ+/:M5aFb5kczTWT9tzFrKlhmxiqZ7/
Static task
static1
Behavioral task
behavioral1
Sample
5824addc5cace9168fb18810a557998d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5824addc5cace9168fb18810a557998d.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
@Makarenaq
45.14.49.109:21295
Targets
-
-
Target
5824addc5cace9168fb18810a557998d
-
Size
2.3MB
-
MD5
5824addc5cace9168fb18810a557998d
-
SHA1
f6578c7764eafd0f62027781e131e182cf840786
-
SHA256
fa6a68e4dff9c701b5a7e4d621dfd67dda338e2c1eae3180d69abae2b2abafcd
-
SHA512
fd5722eb620fb181ba19be493baa27baaf2a6556575ab6a15b31bdd184a0de88d8e3407c141a4e87c52f37b117d82444ef50c477cd2e0398cfdc8e24a705f4f8
-
SSDEEP
49152:M5+hFb9qaxBvTd8gNzZLNWT5VJtzFrzezgvGjo+WXxiz8lVHTIioOFZQ+/:M5aFb5kczTWT9tzFrKlhmxiqZ7/
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-