General
-
Target
Installer-Master_v8.3o.exe
-
Size
65.8MB
-
Sample
240404-f6w2tagd49
-
MD5
353000456aeb99f0a64d77380315889a
-
SHA1
29aa10a5afb52fb29acd223adfe61516d9a1ec33
-
SHA256
104b1ab313ef8e426b4beb79c9c252c063488c66cf722906e81163bab875d414
-
SHA512
839b979c7b74c2005fe366d652e55b7bfcab8ecefbdcf03866a03320a7f93340d57cc332d057274b31e149aa6a00c2c29c9a89cd8b3f1a9d869dec5b8a4fd2d3
-
SSDEEP
1572864:ETelkQytjjeRAeV2VKxE8tU3YaevbpuYl1ddnmmFUw:Ed9jeRALb8tU3YnFma
Static task
static1
Behavioral task
behavioral1
Sample
Installer-Master_v8.3o.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
2
193.233.132.32:38976
Targets
-
-
Target
Installer-Master_v8.3o.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-