General
-
Target
1696-55-0x00000000047B0000-0x00000000047F4000-memory.dmp
-
Size
272KB
-
Sample
230130-txd2jacf91
-
MD5
6d53244cb9fe25c0a4546679b553039d
-
SHA1
67940ad7cfecb491304e08028690a1cf7a3de1f3
-
SHA256
26686e3b1bce914c53961f007d3f4a9e8f15e063921b929e2fc245e59b369870
-
SHA512
e4bc43e14291575e3033aa1d4fa5dbfc4f06032176643ee3f24ca74250243a8deb788736fc6c2fb511999280e8a7b0949ecd590ad7c126747088570d3441c4c0
-
SSDEEP
3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVv:K6j+kIILM+wLiYwSaHhQnH
Behavioral task
behavioral1
Sample
1696-55-0x00000000047B0000-0x00000000047F4000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1696-55-0x00000000047B0000-0x00000000047F4000-memory.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
fredy
62.204.41.170:4132
-
auth_value
880249eef9593d49a1a3cddf57c5cb35
Targets
-
-
Target
1696-55-0x00000000047B0000-0x00000000047F4000-memory.dmp
-
Size
272KB
-
MD5
6d53244cb9fe25c0a4546679b553039d
-
SHA1
67940ad7cfecb491304e08028690a1cf7a3de1f3
-
SHA256
26686e3b1bce914c53961f007d3f4a9e8f15e063921b929e2fc245e59b369870
-
SHA512
e4bc43e14291575e3033aa1d4fa5dbfc4f06032176643ee3f24ca74250243a8deb788736fc6c2fb511999280e8a7b0949ecd590ad7c126747088570d3441c4c0
-
SSDEEP
3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVv:K6j+kIILM+wLiYwSaHhQnH
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-