1716-71-0x00000000003B0000-0x00000000003D0000-memory.dmp

General
Target

1716-71-0x00000000003B0000-0x00000000003D0000-memory.dmp

Size

128KB

Sample

220514-sfc78sadc6

Score

10/10
MD5

73943755ec77aa8734b85cdf66cfa687

SHA1

96a313d4f92e3108ec4968191cb09e54309c1c61

SHA256

f341c3e45f181170afcb9319faf06996d3892949ab5078e26df9432ccffa4709

SHA512

570abfb9d7169e56f59ac80f13f9e50845f861ed7da7d5a580696b74543b2251c827c2abe9bd7fd5c514ff3d78efbafe39fbb8289528040f95465f5c73ab9a29

Malware Config

Extracted

Family redline
Botnet test1
C2

23.88.112.179:19536

Attributes

auth_value

68c6114f4d4c471ad88677f54e75676f
Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

Tasks

  • static1: 10/10

  • behavioral1: 10/10

  • behavioral2: 10/10