General
-
Target
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f
-
Size
575KB
-
Sample
241110-bl6cjawejj
-
MD5
6afe64b439066df3a19089f6063b2f14
-
SHA1
5588fea6031f1ee8fc69d161c265f44d9e718d84
-
SHA256
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f
-
SHA512
7526a8c5a2007e8fb47e0801d79f375140e98b0a403eeb100df778c7a1ec6856e4408c80326de17f0aa1d75785e2f5b8827f79eb8d0d54a522abf7b7ae4c0ed9
-
SSDEEP
12288:U91WnKygIjVozbSH0IUADHHZgIT4G0cIKds3N:s1RIjFH0IUKHH2IxIKE
Static task
static1
Behavioral task
behavioral1
Sample
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Targets
-
-
Target
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f
-
Size
575KB
-
MD5
6afe64b439066df3a19089f6063b2f14
-
SHA1
5588fea6031f1ee8fc69d161c265f44d9e718d84
-
SHA256
a410c71a8a33ec7a4a5757527e48b8f59bba44e155ca1638aa6fe2530c668b0f
-
SHA512
7526a8c5a2007e8fb47e0801d79f375140e98b0a403eeb100df778c7a1ec6856e4408c80326de17f0aa1d75785e2f5b8827f79eb8d0d54a522abf7b7ae4c0ed9
-
SSDEEP
12288:U91WnKygIjVozbSH0IUADHHZgIT4G0cIKds3N:s1RIjFH0IUKHH2IxIKE
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-