General
Target
936-56-0x00000000047F0000-0x0000000004834000-memory.dmp
Size
272KB
Sample
230130-qqmtbacc3x
MD5
b22b1a395a74d84936c36ad264e75c25
SHA1
4953cb7eee649ddbca9f0e6a1a6a461c451d8809
SHA256
fc03134a33f43116ddfcca94b19d9cf1821ae6bf0dee1c649590f22019a48123
SHA512
3e46b604c424010bf8ca045a8c6293d5a52d80321e17105516064bee0a3c5cfc6a0c2972a0cdc953f894a9e320a92c426a9ab09aa6566448b159e2431a829b9f
SSDEEP
3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVU:K6j+kIILM+wLiYwSaHhQnH
Behavioral task
behavioral1
Sample
936-56-0x00000000047F0000-0x0000000004834000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
936-56-0x00000000047F0000-0x0000000004834000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
fredy
62.204.41.170:4132
auth_value
880249eef9593d49a1a3cddf57c5cb35
Targets
Target
936-56-0x00000000047F0000-0x0000000004834000-memory.dmp
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload