General

  • Target

    1392-86-0x0000000004770000-0x00000000047AC000-memory.dmp

  • Size

    240KB

  • Sample

    221129-tb9w3sfh9y

  • MD5

    734a0468dc257ae4360e529a2e80c117

  • SHA1

    bccb469ee4e73eb942cfbedd2bcf9731ca50d046

  • SHA256

    383c571e0b7809b61d2739cd02331b026a82f4cf2407fc2e1d4fd91fbba4ff09

  • SHA512

    2624e770c9d5e6d84ddea26751d10378ecfbfe419b4b852a663487e28da2749d976947a61fc309e17c0175da1347d60abdf2df73d59782d8c289d38896fa2310

  • SSDEEP

    3072:GjqTLye1gJIDRHQqjTlbab66Z37oe/cE6PhsXOOZ8xHS0Zuf9:GjqbgiqqjTlQMPh31G

Malware Config

Extracted

Family

redline

Botnet

2day

C2

77.73.133.85:9862

Attributes

  • auth_value

    3cb50f3022a33b7f82101eb4a28e243a

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
