General
-
Target
0aba330aee0eda3b2d5b51343c4a6a20b84573f628a300a8939235d41b193afd
-
Size
495KB
-
Sample
241112-x762vasngk
-
MD5
31fbe44856943154ede88f6b3886356e
-
SHA1
e274296aa536cd0512b7048bbf521d23b52ae17c
-
SHA256
0aba330aee0eda3b2d5b51343c4a6a20b84573f628a300a8939235d41b193afd
-
SHA512
3f4f10f300a3cd791710a7be89fcd0e128deec916a9d38ffe9a910bb9f23a9503738e1ea267d4a280305e16dee54d4069d615d239525d135022a3dc87a242b7e
-
SSDEEP
12288:sja7iBJfnFomzp29t1S9bJ7rSuf+W/tB:sjW6fFLF2l6R/
Static task
static1
Behavioral task
behavioral1
Sample
0aba330aee0eda3b2d5b51343c4a6a20b84573f628a300a8939235d41b193afd.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0aba330aee0eda3b2d5b51343c4a6a20b84573f628a300a8939235d41b193afd.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
norm
77.91.124.145:4125
-
auth_value
1514e6c0ec3d10a36f68f61b206f5759
Targets
-
-
Target
0aba330aee0eda3b2d5b51343c4a6a20b84573f628a300a8939235d41b193afd
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-