Overview

overview

10

Static

static

10

1496-55-0x...ry.exe

windows7-x64

10

1496-55-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1496-55-0x0000000002200000-0x0000000002244000-memory.dmp

  • Size

    272KB

  • Sample

    230129-xfgb4shf35

  • MD5

    23e5659db35e05d59683f06789feee94

  • SHA1

    e22bea379790b8f1d54bb3d3b47f0150abfc22da

  • SHA256

    c76f4550c54e347ecd7e250e329b89eafa31fe6f2e4bee2f868c8db4a557d018

  • SHA512

    afa70b822ce713bc9ffa3ae29df4bc68a62ffca7e8708f4d99c492b83dccc0e2e686ad6c64404fec0e9fdb14de94717056a5b902aa418ea342ae91368e1ca104

  • SSDEEP

    3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTV+:K6j+kIILM+wLiYwSaHhQnHPT

Score
10/10
redlinefredyinfostealer

Malware Config

Extracted

Family

redline

Botnet

fredy

C2

62.204.41.170:4132

Attributes
  • auth_value

    880249eef9593d49a1a3cddf57c5cb35

Targets

    • Target

      1496-55-0x0000000002200000-0x0000000002244000-memory.dmp

    • Size

      272KB

    • MD5

      23e5659db35e05d59683f06789feee94

    • SHA1

      e22bea379790b8f1d54bb3d3b47f0150abfc22da

    • SHA256

      c76f4550c54e347ecd7e250e329b89eafa31fe6f2e4bee2f868c8db4a557d018

    • SHA512

      afa70b822ce713bc9ffa3ae29df4bc68a62ffca7e8708f4d99c492b83dccc0e2e686ad6c64404fec0e9fdb14de94717056a5b902aa418ea342ae91368e1ca104

    • SSDEEP

      3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTV+:K6j+kIILM+wLiYwSaHhQnHPT

    Score
    10/10
    redlinefredyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks