Overview

overview

10

Static

static

10

936-56-0x0...ry.exe

windows7-x64

10

936-56-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    936-56-0x00000000047F0000-0x0000000004834000-memory.dmp

  • Size

    272KB

  • Sample

    230130-qqmtbacc3x

  • MD5

    b22b1a395a74d84936c36ad264e75c25

  • SHA1

    4953cb7eee649ddbca9f0e6a1a6a461c451d8809

  • SHA256

    fc03134a33f43116ddfcca94b19d9cf1821ae6bf0dee1c649590f22019a48123

  • SHA512

    3e46b604c424010bf8ca045a8c6293d5a52d80321e17105516064bee0a3c5cfc6a0c2972a0cdc953f894a9e320a92c426a9ab09aa6566448b159e2431a829b9f

  • SSDEEP

    3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVU:K6j+kIILM+wLiYwSaHhQnH

Score
10/10
redlinefredyinfostealer

Malware Config

Extracted

Family

redline

Botnet

fredy

C2

62.204.41.170:4132

Attributes
  • auth_value

    880249eef9593d49a1a3cddf57c5cb35

Targets

    • Target

      936-56-0x00000000047F0000-0x0000000004834000-memory.dmp

    • Size

      272KB

    • MD5

      b22b1a395a74d84936c36ad264e75c25

    • SHA1

      4953cb7eee649ddbca9f0e6a1a6a461c451d8809

    • SHA256

      fc03134a33f43116ddfcca94b19d9cf1821ae6bf0dee1c649590f22019a48123

    • SHA512

      3e46b604c424010bf8ca045a8c6293d5a52d80321e17105516064bee0a3c5cfc6a0c2972a0cdc953f894a9e320a92c426a9ab09aa6566448b159e2431a829b9f

    • SSDEEP

      3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVU:K6j+kIILM+wLiYwSaHhQnH

    Score
    10/10
    redlinefredyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks