General
-
Target
59440d6673b231a4df3ae8a4e0c48650f58c09b2b058bae38725610b4f8ce90b.exe
-
Size
427KB
-
Sample
241113-ypqsks1qfp
-
MD5
62f3988964902773912b38eb0aaad68f
-
SHA1
1ac4e5a6550dd6a4ab68c87f3fd6255064b6409f
-
SHA256
59440d6673b231a4df3ae8a4e0c48650f58c09b2b058bae38725610b4f8ce90b
-
SHA512
99dd0dc28e754a068a63d347c4a5b5faef68d35a52dece839a706197b6800d0541b0332bb982d99f8ac3f0ebb247012e65fc04ceb4a961633a441e026fb31afd
-
SSDEEP
12288:Pk1JXkSu27c22f3ZNW55VfU4PrgUHL2yRG/o+:kNkb27iZNWdu
Static task
static1
Behavioral task
behavioral1
Sample
59440d6673b231a4df3ae8a4e0c48650f58c09b2b058bae38725610b4f8ce90b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
59440d6673b231a4df3ae8a4e0c48650f58c09b2b058bae38725610b4f8ce90b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
norm
77.91.124.145:4125
-
auth_value
1514e6c0ec3d10a36f68f61b206f5759
Targets
-
-
Target
59440d6673b231a4df3ae8a4e0c48650f58c09b2b058bae38725610b4f8ce90b.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-