General
-
Target
1420-59-0x0000000002770000-0x00000000027A4000-memory.dmp
-
Size
208KB
-
Sample
220802-x4kdnsbfaq
-
MD5
92e34baae951ef00d6bc9f7465ee088e
-
SHA1
668df1c82188f9dc3d97535d1dd3851506b097ab
-
SHA256
d5592e4b88045ce006e0a0e7041144f9690b8707a75e50f18d6ff8f21155b8f3
-
SHA512
4b025bd3875078a17bbbcaca5ac4d1d42fdec98537c742714e62fdb2c03dba1922b37bd649797cff906457a625acf092c31ab75cdd5700c493e4e5eae134b2d4
Behavioral task
behavioral1
Sample
1420-59-0x0000000002770000-0x00000000027A4000-memory.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
1420-59-0x0000000002770000-0x00000000027A4000-memory.exe
Resource
win10v2004-20220722-en
Malware Config
Extracted
redline
8888
doaisunto.xyz:80
olmilllchi.xyz:80
-
auth_value
305522e79291033617ec9ca844a03dca
Targets
-
-
Target
1420-59-0x0000000002770000-0x00000000027A4000-memory.dmp
-
Size
208KB
-
MD5
92e34baae951ef00d6bc9f7465ee088e
-
SHA1
668df1c82188f9dc3d97535d1dd3851506b097ab
-
SHA256
d5592e4b88045ce006e0a0e7041144f9690b8707a75e50f18d6ff8f21155b8f3
-
SHA512
4b025bd3875078a17bbbcaca5ac4d1d42fdec98537c742714e62fdb2c03dba1922b37bd649797cff906457a625acf092c31ab75cdd5700c493e4e5eae134b2d4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-