General
-
Target
1684-55-0x0000000001ED0000-0x0000000001F02000-memory.dmp
-
Size
200KB
-
Sample
220523-xjj76sehhl
-
MD5
038ca458ecc3d2731f09dc219644f047
-
SHA1
2ce33af6fb9d00344c524af3192deb5371c41594
-
SHA256
4ae2c9fe2e06741ddcb1fc6112fc834011e9ac054d851a5a3a8301c5c1c4bf58
-
SHA512
5f6e890a296fdef00088270f2c2ff26461ac37e5ffa2c354db52d5a955fccb40c04295d594607166c38d20cb73b283dfa4ca849ede759899d410f8790c5c1da8
Behavioral task
behavioral1
Sample
1684-55-0x0000000001ED0000-0x0000000001F02000-memory.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1684-55-0x0000000001ED0000-0x0000000001F02000-memory.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
redline
$
91.242.229.130:26402
-
auth_value
81039c9bd8ac8c604b05080ab4a86168
Targets
Target
1684-55-0x0000000001ED0000-0x0000000001F02000-memory.dmp
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-