General
-
Target
1392-86-0x0000000004770000-0x00000000047AC000-memory.dmp
-
Size
240KB
-
Sample
221129-tb9w3sfh9y
-
MD5
734a0468dc257ae4360e529a2e80c117
-
SHA1
bccb469ee4e73eb942cfbedd2bcf9731ca50d046
-
SHA256
383c571e0b7809b61d2739cd02331b026a82f4cf2407fc2e1d4fd91fbba4ff09
-
SHA512
2624e770c9d5e6d84ddea26751d10378ecfbfe419b4b852a663487e28da2749d976947a61fc309e17c0175da1347d60abdf2df73d59782d8c289d38896fa2310
-
SSDEEP
3072:GjqTLye1gJIDRHQqjTlbab66Z37oe/cE6PhsXOOZ8xHS0Zuf9:GjqbgiqqjTlQMPh31G
Behavioral task
behavioral1
Sample
1392-86-0x0000000004770000-0x00000000047AC000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1392-86-0x0000000004770000-0x00000000047AC000-memory.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
2day
77.73.133.85:9862
-
auth_value
3cb50f3022a33b7f82101eb4a28e243a
Targets
-
-
Target
1392-86-0x0000000004770000-0x00000000047AC000-memory.dmp
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-