redline | 3190dabfff2aad6baa93e6a9f0e0729581174ffae34b708a67a11c9c2c22f53e

General

Target

3190dabfff2aad6baa93e6a9f0e0729581174ffae34b708a67a11c9c2c22f53e.exe
Size

704KB
MD5

0b5dd85b1c4310249c87268370191a90
SHA1

28455b31fb78c4fcb3df25a60374cb2050922ab7
SHA256

3190dabfff2aad6baa93e6a9f0e0729581174ffae34b708a67a11c9c2c22f53e
SHA512

026e7e7910fd3a48a9587bf3d2846618a0fd30777e2c452c78fe74ba740ca090a03ce91a67b4ec340d203b4bd3d122a0cc0800dc43c09ec4b5a034b0e359bfe2

Score

10^/10

redline aboba infostealer

Malware Config

Extracted

Family

redline

Botnet

aboba

C2

95.181.152.149:27209

Attributes

auth_value
9ef0875df33a8cb88246deeee46c0075

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1896-54-0x0000000003360000-0x000000000338F000-memory.dmp	family_redline
behavioral1/memory/1896-102-0x00000000037D0000-0x00000000037F0000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\3190dabfff2aad6baa93e6a9f0e0729581174ffae34b708a67a11c9c2c22f53e.exe
"C:\Users\Admin\AppData\Local\Temp\3190dabfff2aad6baa93e6a9f0e0729581174ffae34b708a67a11c9c2c22f53e.exe"
1⤵
PID:1896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1896-54-0x0000000003360000-0x000000000338F000-memory.dmp

Filesize
188KB

Download
memory/1896-61-0x0000000002290000-0x0000000002291000-memory.dmp

Filesize
4KB

Download
memory/1896-60-0x0000000000380000-0x00000000003DF000-memory.dmp

Filesize
380KB

Download
memory/1896-62-0x0000000002250000-0x0000000002251000-memory.dmp

Filesize
4KB

Download
memory/1896-63-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download
memory/1896-64-0x0000000002260000-0x0000000002261000-memory.dmp

Filesize
4KB

Download
memory/1896-65-0x0000000002270000-0x0000000002271000-memory.dmp

Filesize
4KB

Download
memory/1896-66-0x0000000002280000-0x0000000002281000-memory.dmp

Filesize
4KB

Download
memory/1896-67-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/1896-68-0x00000000022A0000-0x00000000022A1000-memory.dmp

Filesize
4KB

Download
memory/1896-69-0x0000000003270000-0x0000000003271000-memory.dmp

Filesize
4KB

Download
memory/1896-70-0x0000000003260000-0x0000000003261000-memory.dmp

Filesize
4KB

Download
memory/1896-72-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/1896-71-0x0000000000630000-0x0000000000631000-memory.dmp

Filesize
4KB

Download
memory/1896-73-0x00000000005E0000-0x00000000005E1000-memory.dmp

Filesize
4KB

Download
memory/1896-75-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/1896-74-0x0000000000620000-0x0000000000621000-memory.dmp

Filesize
4KB

Download
memory/1896-76-0x0000000000750000-0x0000000000751000-memory.dmp

Filesize
4KB

Download
memory/1896-78-0x0000000000890000-0x0000000000891000-memory.dmp

Filesize
4KB

Download
memory/1896-77-0x00000000008E0000-0x00000000008E1000-memory.dmp

Filesize
4KB

Download
memory/1896-79-0x0000000000880000-0x0000000000881000-memory.dmp

Filesize
4KB

Download
memory/1896-80-0x00000000008A0000-0x00000000008A1000-memory.dmp

Filesize
4KB

Download
memory/1896-82-0x00000000008C0000-0x00000000008C1000-memory.dmp

Filesize
4KB

Download
memory/1896-81-0x00000000008B0000-0x00000000008B1000-memory.dmp

Filesize
4KB

Download
memory/1896-83-0x0000000002200000-0x0000000002201000-memory.dmp

Filesize
4KB

Download
memory/1896-84-0x0000000003330000-0x0000000003331000-memory.dmp

Filesize
4KB

Download
memory/1896-86-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/1896-85-0x0000000002650000-0x0000000002651000-memory.dmp

Filesize
4KB

Download
memory/1896-87-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/1896-90-0x0000000002640000-0x0000000002641000-memory.dmp

Filesize
4KB

Download
memory/1896-89-0x0000000002630000-0x0000000002631000-memory.dmp

Filesize
4KB

Download
memory/1896-88-0x0000000002620000-0x0000000002621000-memory.dmp

Filesize
4KB

Download
memory/1896-91-0x0000000002670000-0x0000000002671000-memory.dmp

Filesize
4KB

Download
memory/1896-92-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/1896-93-0x00000000032E0000-0x00000000032E1000-memory.dmp

Filesize
4KB

Download
memory/1896-94-0x00000000032D0000-0x00000000032D1000-memory.dmp

Filesize
4KB

Download
memory/1896-95-0x0000000003320000-0x0000000003321000-memory.dmp

Filesize
4KB

Download
memory/1896-97-0x00000000032C0000-0x00000000032C1000-memory.dmp

Filesize
4KB

Download
memory/1896-96-0x0000000003310000-0x0000000003311000-memory.dmp

Filesize
4KB

Download
memory/1896-98-0x00000000032B0000-0x00000000032B1000-memory.dmp

Filesize
4KB

Download
memory/1896-99-0x0000000003361000-0x000000000336C000-memory.dmp

Filesize
44KB

Download
memory/1896-100-0x0000000074DAE000-0x0000000074DAF000-memory.dmp

Filesize
4KB

Download
memory/1896-101-0x00000000061F1000-0x00000000061F2000-memory.dmp

Filesize
4KB

Download
memory/1896-102-0x00000000037D0000-0x00000000037F0000-memory.dmp

Filesize
128KB

Download
memory/1896-103-0x00000000061F2000-0x00000000061F3000-memory.dmp

Filesize
4KB

Download
memory/1896-104-0x00000000061F4000-0x00000000061F5000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads