General
-
Target
0ff0729cd09df6cad3137f67a369ffcc4dccba28298399b527ec8b26438297fc.exe
-
Size
487KB
-
Sample
241124-dbfegazqb1
-
MD5
6f9d993a627db18c1811606dafaa1d0f
-
SHA1
c3868d3cfd0303cd98b3389f4f99e7a7e4637745
-
SHA256
0ff0729cd09df6cad3137f67a369ffcc4dccba28298399b527ec8b26438297fc
-
SHA512
ac1d5290f1690b40f640e71afd0c7f00efddcc11bbb2b46c68dc4ca6dd2fb6e6877e45610a6abcc55f7d8000b0fef4acbc6f9bb7611de96ffcfd1de5f8071cf5
-
SSDEEP
12288:Ihxp3lZnT9bD4h3d1yBGIxUyxy4H9KIUfNTu:IJlh9bD4hryBG+GNa
Static task
static1
Behavioral task
behavioral1
Sample
0ff0729cd09df6cad3137f67a369ffcc4dccba28298399b527ec8b26438297fc.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
0ff0729cd09df6cad3137f67a369ffcc4dccba28298399b527ec8b26438297fc.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
0ff0729cd09df6cad3137f67a369ffcc4dccba28298399b527ec8b26438297fc.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-