General
Target
BrightVPN-Setup-1.422.634-fb2e56b7_pass123.rar
Size
1.6MB
Sample
240629-ezbxma1ara
MD5
5463655fb82c3271f41acf756fe82577
SHA1
4c64f4fcf1f64ac3aa4086cbccf0fdc5de0854a6
SHA256
77436bfe8498d733a09f07608054731d5f7ddb28e56ea7166c89fbae134fe334
SHA512
510316f97aee0d814aeae12fd9bfb0a484c0146ba0d4cdc6988c8a014664026ed3c41794ddbadb736fcc96fe8e83cea514ea6e1a9ce12d9848186771b8a98827
SSDEEP
24576:530ImfpJElqcPs3JQ8yRHAMF8Nyq0HQoiYYEPNpPkpIaGD8e71krJOqAMBDgzuis:RpmfpiZs3RwgMgyqOMYPUpIbJMcu/
Static task
static1
Behavioral task
behavioral1
Sample
BrightVPN-Setup-1.422.634-fb2e56b7_pass123.rar
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
BrightVPN-Setup-1.422.634-fb2e56b7_pass123.rar
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
BrightVPN-Setup-1.422.634-fb2e56b7_pass123.rar
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks computer location settings
Looks up the country code configured in the registry, likely a geofence check.
Executes dropped EXE
Loads dropped DLL
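The "Checks computer location settings" signature above fires when a process reads the user's configured country from the registry, which is how a geofenced stealer decides whether to run at all. The following is an added example of detection logic for that behaviour; it is not code from this report or from RedLine. It scans constructed Procmon-style CSV records (not real telemetry from this sample) for such reads, and the column layout, the benign-reader allowlist and the drop-directory heuristic are assumptions for the demo. The two registry values it watches, Geo\Nation (numeric GeoID) and Geo\Name (ISO code, present only on newer Windows builds), are the ones under HKCU\Control Panel\International that hold the configured country.

```python
"""
Added example, not code from the Triage report or from RedLine itself:
detection logic for the "Checks computer location settings" signature.
It scans constructed Procmon-style CSV records for processes that read the
user's configured country from the registry. The column layout, the
allowlist and the drop-directory heuristic are assumptions for this demo.
"""
import csv
import io
import re
from collections import defaultdict

# Registry values holding the configured country: Geo\Nation is the numeric
# GeoID (e.g. 244 = United States), Geo\Name the ISO 3166 code on newer builds.
GEO_VALUE_RE = re.compile(
    r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.IGNORECASE)

# Processes that legitimately read these values (assumption: tune per estate).
BENIGN_READERS = {"explorer.exe", "svchost.exe", "searchui.exe"}

# Locations a dropped payload typically executes from (assumption).
DROP_DIR_RE = re.compile(
    r"\\(AppData\\Local\\Temp|Users\\Public|ProgramData)\\", re.IGNORECASE)

# Constructed sample events in Procmon CSV layout (not real telemetry).
SAMPLE_LOG = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Image Path"
"10:01:02.1","explorer.exe","1234","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","C:\Windows\explorer.exe"
"10:01:05.4","setup.exe","4412","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","C:\Users\victim\AppData\Local\Temp\setup.exe"
"10:01:05.5","setup.exe","4412","RegQueryValue","HKCU\Control Panel\International\Geo\Name","SUCCESS","C:\Users\victim\AppData\Local\Temp\setup.exe"
"10:01:06.0","setup.exe","4412","CreateFile","C:\Users\victim\AppData\Local\Temp\dropped.exe","SUCCESS","C:\Users\victim\AppData\Local\Temp\setup.exe"
"10:01:07.2","svchost.exe","880","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","C:\Windows\System32\svchost.exe"
"10:01:08.0","dropped.exe","5120","RegQueryValue","HKCU\Control Panel\International\Geo\Name","NAME NOT FOUND","C:\Users\victim\AppData\Local\Temp\dropped.exe"
"10:01:08.1","dropped.exe","5120","RegQueryValue","HKCU\Control Panel\International\Locale","SUCCESS","C:\Users\victim\AppData\Local\Temp\dropped.exe"
'''


def find_geofence_reads(csv_text):
    """Return registry reads of the country values by non-allowlisted processes.

    A failed read (the Name value is absent on older builds such as the
    Windows 7 task) is still reported: the attempt is the signal, not the result.
    """
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if not row["Operation"].startswith("RegQueryValue"):
            continue
        m = GEO_VALUE_RE.search(row["Path"])
        if not m or row["Process Name"].lower() in BENIGN_READERS:
            continue
        hits.append({
            "process": row["Process Name"],
            "pid": int(row["PID"]),
            "value": m.group(1),
            "result": row["Result"],
            "from_drop_dir": bool(DROP_DIR_RE.search(row["Image Path"])),
        })
    return hits


def summarize_by_pid(hits):
    """Collapse per-read hits into one verdict per process."""
    by_pid = defaultdict(
        lambda: {"process": None, "values": set(), "from_drop_dir": False})
    for h in hits:
        entry = by_pid[h["pid"]]
        entry["process"] = h["process"]
        entry["values"].add(h["value"])
        entry["from_drop_dir"] |= h["from_drop_dir"]
    return dict(by_pid)


if __name__ == "__main__":
    for pid, info in summarize_by_pid(find_geofence_reads(SAMPLE_LOG)).items():
        flag = "dropped-binary " if info["from_drop_dir"] else ""
        print(f"{flag}{info['process']} (pid {pid}) read {sorted(info['values'])}")
```

When triaging a sample that shows this signature, the practical follow-up is to detonate it again with a different configured country: a geofenced payload that stays quiet in one sandbox locale may unpack and run its stealer in another, so a single run can understate what the dropped EXE and DLL actually do.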