General
-
Target
5928745f1d5cab62de613b4c5f558df1
-
Size
2.3MB
-
Sample
240113-tnmbjsdag5
-
MD5
5928745f1d5cab62de613b4c5f558df1
-
SHA1
4a511b360df83b69f9144e6fb23f3ea0b133ccfd
-
SHA256
10cdc1c1b8112716b5aec0caba5db1cef422176c550288f4952473c216357466
-
SHA512
e81ce51d581ac136d5884730a8af696f006ddc2e6d6f334cfab9195f6db5e1f75adcddd53a6d4ebed60753e45cd65d19a15f25886b3dd3a988f5794b4e71df9a
-
SSDEEP
49152:/5+hFVRTb0i5i+7baItMOV861aT0Sxiz8lVHTIioOFZQ+A:/5aFVSi5B7OICOV83ISxiqZ7A
Static task
static1
Behavioral task
behavioral1
Sample
5928745f1d5cab62de613b4c5f558df1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5928745f1d5cab62de613b4c5f558df1.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
redline
@lovefuckwithyourmom
xetadycami.xyz:80
Targets
-
-
Target
5928745f1d5cab62de613b4c5f558df1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-