General

  • Target

    2020-57-0x0000000004790000-0x00000000047D4000-memory.dmp

  • Size

    272KB

  • Sample

    230202-hy9daafd83

  • MD5

    5c4df2134f555550be7ac52fee67ec3e

  • SHA1

    02e3b929b735abbb9221cf62bf93ada78d71849e

  • SHA256

    598a3baee788317933eb104745ff7cea4862ecdf3ddebffdb3518a1a82401f1c

  • SHA512

    a540787b9cf71e95e2ef8850b441cea0d98f2d5adb35878a9387f2ec73bbce0a7ad48fbc5c06a0e72014d62dfcf307630568f1e7f4ff8840b4ec3a746c757ef2

  • SSDEEP

    3072:F6jYELp6VFxCjegd9zQRRa0TwOkNwZsmLodSxm4miwo402otLh3An87q3xNn2pUa:F6j+HM9zQPa/5NwpLodSdm2Lhwn87

Malware Config

Extracted

  • Family

    redline

  • Botnet

    milaf

  • C2

    193.233.20.5:4136

  • Attributes

    • auth_value

      68aaee25afe3d0ae7d4db09dea02347c

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
