General

  • Target

    1396-64-0x0000000001EA0000-0x0000000001ED2000-memory.dmp

  • Size

    200KB

  • Sample

    220209-tzf9nsbbbp

  • MD5

    82be3b71d5f510d999c5f58182f99c4e

  • SHA1

    d736236757f6dacf7437f46a4bdfcb4e7b53bb8d

  • SHA256

    da88d1b259e20fc7e6e20225ada636c4124b804694efd6627c97a905317f1d7e

  • SHA512

    2d1d029303d8f83591555da5e9bbff4e151d7672bd756311726632269cdc7becf8d5ea6202bf16c249aac9d7badcdd6715ba77f961ad62f154a140cbf08e981c

Malware Config

Extracted

  • Family

    redline

  • Botnet

    noname

  • C2

    185.215.113.29:20819
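A quick way to confirm an extracted C2 like the one above against the dump itself is to scan the memory region for ip:port strings. Because RedLine is a .NET binary, its runtime strings sit in memory as UTF-16LE, so an ASCII-only strings pass can miss them; the scanner below checks both encodings and drops private, loopback and unspecified addresses to cut noise. This is an added example, not tooling from the sandbox or from the report; the dump bytes embedded here are constructed to contain the report's C2, and the file path in the usage is assumed to be the memory dump named under General. It only finds plaintext occurrences, so a build that encodes its config will need the sandbox's extractor rather than this scan.

```python
import hashlib
import ipaddress
import re
import sys

# Constructed stand-in for the memory dump: the C2 from the report stored the
# way a .NET string sits in memory (UTF-16LE), surrounded by filler bytes.
SAMPLE_DUMP = (
    b"\x00" * 16
    + "185.215.113.29:20819".encode("utf-16-le")
    + b"\x00\x00MZ\x90\x00" + b"\xff" * 8
    + b"noname\x00"                 # ASCII botnet tag, as seen in the config
    + b"\x00" * 16
)

# ip:port as plain ASCII ...
_ASCII_RE = re.compile(rb"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})")
# ... and the same shape with a NUL after every character (UTF-16LE).
_UTF16_RE = re.compile(
    rb"((?:\d\x00){1,3}(?:\.\x00(?:\d\x00){1,3}){3}):\x00((?:\d\x00){1,5})"
)


def _keep(found, ip, port):
    """Add ip:port to `found` if it is a routable IPv4 address and a valid port."""
    try:
        addr = ipaddress.IPv4Address(ip)   # rejects octets > 255, leading zeros
    except ValueError:
        return
    if addr.is_private or addr.is_loopback or addr.is_unspecified or addr.is_multicast:
        return
    p = int(port)
    if 1 <= p <= 65535:
        found.add(f"{addr}:{p}")


def find_c2_candidates(blob):
    """Return sorted unique ip:port strings found as ASCII or UTF-16LE in blob."""
    found = set()
    for m in _ASCII_RE.finditer(blob):
        _keep(found, m.group(1).decode("ascii"), m.group(2).decode("ascii"))
    for m in _UTF16_RE.finditer(blob):
        _keep(found, m.group(1).decode("utf-16-le"), m.group(2).decode("utf-16-le"))
    return sorted(found)


def summarize(blob):
    """Hashes plus C2 candidates, in the same shape the report lists them."""
    return {
        "md5": hashlib.md5(blob).hexdigest(),
        "sha256": hashlib.sha256(blob).hexdigest(),
        "size": len(blob),
        "c2": find_c2_candidates(blob),
    }


if __name__ == "__main__":
    # Usage (assumed path): python scan_c2.py 1396-64-0x0000000001EA0000-0x0000000001ED2000-memory.dmp
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_DUMP
    for key, value in summarize(data).items():
        print(f"{key}: {value}")
```

Run against the real dump, the md5/sha256 lines should reproduce the values under General and the c2 list should contain 185.215.113.29:20819; a mismatch means you are looking at a different artefact than the one the sandbox extracted the config from.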

Targets

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020. It harvests saved browser credentials, cookies, cryptocurrency wallet data and host details and sends them to its C2, here the address listed under Malware Config.

    • RedLine Payload

      The dumped memory region matched as a RedLine payload, and the configuration above was extracted from it; the hashes under General therefore identify this in-memory dump, not a file on disk.
