General
-
Target
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f
-
Size
582KB
-
Sample
241112-za6qxstngk
-
MD5
8f14833d1412aaa586ba64fd6ef6a573
-
SHA1
85831f31aa378becfb8e48d8c9c801f963a986f1
-
SHA256
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f
-
SHA512
2be226858b41c24c627f991d208f835647c98d124e1f4602a5d46697297aa6b013a847eb17923096eba61330835d57d8ac6213318575161e6c2e6d3dc7749887
-
SSDEEP
12288:ZsLi9pW/d6CU9XVo8dY9o67hNmeKbu163q:ZGiEd6CU9Fo8d67hNmeKa43q
Static task
static1
Behavioral task
behavioral1
Sample
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Targets
-
-
Target
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f
-
Size
582KB
-
MD5
8f14833d1412aaa586ba64fd6ef6a573
-
SHA1
85831f31aa378becfb8e48d8c9c801f963a986f1
-
SHA256
2638e60aac255c92586d7818bef2c896bea1e942d0e3679c3b6b02a42d28724f
-
SHA512
2be226858b41c24c627f991d208f835647c98d124e1f4602a5d46697297aa6b013a847eb17923096eba61330835d57d8ac6213318575161e6c2e6d3dc7749887
-
SSDEEP
12288:ZsLi9pW/d6CU9XVo8dY9o67hNmeKbu163q:ZGiEd6CU9Fo8d67hNmeKa43q
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-