General
-
Target
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabebN
-
Size
479KB
-
Sample
241109-y85qvavjaq
-
MD5
83ec5cdf248e5eef192c2a78f6f58100
-
SHA1
fbaee90a60ef1ffebd28b884648785b596231aab
-
SHA256
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabeb
-
SHA512
adc27c15cb8e0fd030679626e395d9a860cade19fa43c93c9b04ff9901906da903969838b50da54f3d53cff5c6ddab5fa11dd9425701f1b2c7e1feb073fbdbeb
-
SSDEEP
12288:cz2/F3bj2fsc9W2YulMgUz0JJZqeA6ebOhr14TaNsZZK7N:m6Fxclyhze3qJOj4TaKZZK
Static task
static1
Behavioral task
behavioral1
Sample
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabebN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabebN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Targets
-
-
Target
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabebN
-
Size
479KB
-
MD5
83ec5cdf248e5eef192c2a78f6f58100
-
SHA1
fbaee90a60ef1ffebd28b884648785b596231aab
-
SHA256
d073af4d2f6c88068db61b308ace8e7f476e4b87afa6624209243db943bfabeb
-
SHA512
adc27c15cb8e0fd030679626e395d9a860cade19fa43c93c9b04ff9901906da903969838b50da54f3d53cff5c6ddab5fa11dd9425701f1b2c7e1feb073fbdbeb
-
SSDEEP
12288:cz2/F3bj2fsc9W2YulMgUz0JJZqeA6ebOhr14TaNsZZK7N:m6Fxclyhze3qJOj4TaKZZK
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-