General
-
Target
6cf5aacc8ca71d0c8117f98bf2c8830f865b1684fb2b7afc348b3625617fdf15N.exe
-
Size
571KB
-
Sample
241112-x9dhbazcjq
-
MD5
02f8087526a38bff6fa3685afe4bff90
-
SHA1
10d893a63c35046419dc99944e96204b669e8ec4
-
SHA256
6cf5aacc8ca71d0c8117f98bf2c8830f865b1684fb2b7afc348b3625617fdf15
-
SHA512
4999ae6b1ebf57fc572d1138fe472f5dba60fa9720e1d293cc904232f8020f8306c3226c567a9bea9a4b15cc962023cb0c1efdc1503af108ea9a89538ce8afee
-
SSDEEP
12288:Zy907uZ+GR785TmPUSvA8I/h/an457Kv/n74arYBa8H:ZygEQTNSo8e8/74aSa8H
Static task
static1
Behavioral task
behavioral1
Sample
6cf5aacc8ca71d0c8117f98bf2c8830f865b1684fb2b7afc348b3625617fdf15N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Extracted
redline
dante
185.161.248.73:4164
-
auth_value
f4066af6b8a6f23125c8ee48288a3f90
Targets
-
-
Target
6cf5aacc8ca71d0c8117f98bf2c8830f865b1684fb2b7afc348b3625617fdf15N.exe
-
Size
571KB
-
MD5
02f8087526a38bff6fa3685afe4bff90
-
SHA1
10d893a63c35046419dc99944e96204b669e8ec4
-
SHA256
6cf5aacc8ca71d0c8117f98bf2c8830f865b1684fb2b7afc348b3625617fdf15
-
SHA512
4999ae6b1ebf57fc572d1138fe472f5dba60fa9720e1d293cc904232f8020f8306c3226c567a9bea9a4b15cc962023cb0c1efdc1503af108ea9a89538ce8afee
-
SSDEEP
12288:Zy907uZ+GR785TmPUSvA8I/h/an457Kv/n74arYBa8H:ZygEQTNSo8e8/74aSa8H
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-