Overview

overview

10

Static

static

10

1100-95-0x...ry.exe

windows7-x64

10

1100-95-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1100-95-0x0000000004780000-0x00000000047C4000-memory.dmp

  • Size

    272KB

  • Sample

    230131-st24hsag4w

  • MD5

    f6d8ff48ca6845f237b01418db080c16

  • SHA1

    3a98e23692f4d0f108fbaca6dbf78087841996a3

  • SHA256

    ffaabc9df8c9f5ddc5f85b137c3b81eddb7fa9c8cb4f20e0e5cf46e621fac44a

  • SHA512

    d7223b39a5fa48a87f3d15a46176abee84afc2930fdcd66e1fec4ca80016c26f8fe137f8fa8c9d5b5a07b33d197f66fd1ff9f415eaf8938090bf20847cd97ef2

  • SSDEEP

    3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVi:K6j+kIILM+wLiYwSaHhQnHD

Score
10/10
redlinefredyinfostealer

Malware Config

Extracted

Family

redline

Botnet

fredy

C2

62.204.41.170:4132

Attributes
  • auth_value

    880249eef9593d49a1a3cddf57c5cb35

Targets

    • Target

      1100-95-0x0000000004780000-0x00000000047C4000-memory.dmp

    • Size

      272KB

    • MD5

      f6d8ff48ca6845f237b01418db080c16

    • SHA1

      3a98e23692f4d0f108fbaca6dbf78087841996a3

    • SHA256

      ffaabc9df8c9f5ddc5f85b137c3b81eddb7fa9c8cb4f20e0e5cf46e621fac44a

    • SHA512

      d7223b39a5fa48a87f3d15a46176abee84afc2930fdcd66e1fec4ca80016c26f8fe137f8fa8c9d5b5a07b33d197f66fd1ff9f415eaf8938090bf20847cd97ef2

    • SSDEEP

      3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVi:K6j+kIILM+wLiYwSaHhQnHD

    Score
    10/10
    redlinefredyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks