General

  • Target

    2324-237-0x0000000002200000-0x0000000002234000-memory.dmp

  • Size

    208KB

  • Sample

    220806-rdgl7sfdhl

  • MD5

    1e377387d06a3636466dfbd649ac91e2

  • SHA1

    8dbc9e69a60e1c14d84ea10f4f6ebde705b40039

  • SHA256

    4def89d649dc96743488223f460c56587cf9e882463381c1d619918a4508556c

  • SHA512

    cd026a0a5a59f73c9ac9d2b6c3b5334f13faed6e0a6d346417e168f5292c54aed75560589c186ed6606e68eaa3acfa2fae80ea0e996f4fc60f779aa301407a5e

Malware Config

Extracted

Family

redline

Botnet

ruzki 10

C2

185.106.92.235:12654

Attributes
  • auth_value

    bd55c8a28ef77f4992002099164ebe01

Targets

    • Target

      2324-237-0x0000000002200000-0x0000000002234000-memory.dmp

    • Size

      208KB

    • MD5

      1e377387d06a3636466dfbd649ac91e2

    • SHA1

      8dbc9e69a60e1c14d84ea10f4f6ebde705b40039

    • SHA256

      4def89d649dc96743488223f460c56587cf9e882463381c1d619918a4508556c

    • SHA512

      cd026a0a5a59f73c9ac9d2b6c3b5334f13faed6e0a6d346417e168f5292c54aed75560589c186ed6606e68eaa3acfa2fae80ea0e996f4fc60f779aa301407a5e

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Matrix

Tasks