General
-
Target
1096-116-0x00000000047A0000-0x00000000047E4000-memory.dmp
-
Size
272KB
-
Sample
230123-l8994see4x
-
MD5
f4b2caab3c731374b3c56b88f6a181c4
-
SHA1
cf07b5bb1c4b9d46e2c4218f76235c4a76b7bfc7
-
SHA256
005e2e30c74767300540bc22c6f5750dd1895a91529284414dfa3a8d5cc4ca53
-
SHA512
8059f7d4f3ec3c4e8de0b3ea7f168316bfcd73d2bc3d6cd77747dd8890bc25286a56c2dbdf2b3db965d82ca0248ab45b82f6c67522b482c4557c3e9819d9fc5b
-
SSDEEP
3072:R26j4ELd6mSNCW8waBQYErRrG5GwvLy93go408NdONh3KnMb8LgxNn2pU9f2MKTM:R26jRyr1GcwvLyhUINh6nM
Behavioral task
behavioral1
Sample
1096-116-0x00000000047A0000-0x00000000047E4000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1096-116-0x00000000047A0000-0x00000000047E4000-memory.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
test1
142.202.242.197:35704
-
auth_value
c885160a503c10a4d67fd1c2cf98f250
Targets
-
Target
1096-116-0x00000000047A0000-0x00000000047E4000-memory.dmp
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-