General

  • Target

    560-58-0x0000000002110000-0x0000000002154000-memory.dmp

  • Size

    272KB

  • Sample

    230202-rkr2hsde97

  • MD5

    c95a40e2c1aa08573be7f64c2f1c340e

  • SHA1

    18452946af3a5b21364a72e82659ee6fe48a8a30

  • SHA256

    f8443060c3a30c6f3b9405ffa30cd0bd38d487c17746e55e9207add0162eaa42

  • SHA512

    5ffd813f8677acc67bc72ab55a02d39a9eb2dbda44ab1ec45725dbdc5e46b820c53a435261d19308cc7625cf0963a1b6c37efd8a86dbf421335ddf334a90c438

  • SSDEEP

    3072:F6jYELp6VFxCjegd9zQRRa0TwOkNwZsmLodSxm4miwo402otLh3An87q3xNn2pUa:F6j+HM9zQPa/5NwpLodSdm2Lhwn87

Malware Config

Extracted

Family

redline

Botnet

milaf

C2

193.233.20.5:4136

Attributes

  • auth_value

    68aaee25afe3d0ae7d4db09dea02347c

Targets

    • Target

      560-58-0x0000000002110000-0x0000000002154000-memory.dmp

    • Size

      272KB

    • MD5

      c95a40e2c1aa08573be7f64c2f1c340e

    • SHA1

      18452946af3a5b21364a72e82659ee6fe48a8a30

    • SHA256

      f8443060c3a30c6f3b9405ffa30cd0bd38d487c17746e55e9207add0162eaa42

    • SHA512

      5ffd813f8677acc67bc72ab55a02d39a9eb2dbda44ab1ec45725dbdc5e46b820c53a435261d19308cc7625cf0963a1b6c37efd8a86dbf421335ddf334a90c438

    • SSDEEP

      3072:F6jYELp6VFxCjegd9zQRRa0TwOkNwZsmLodSxm4miwo402otLh3An87q3xNn2pUa:F6j+HM9zQPa/5NwpLodSdm2Lhwn87

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
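The extracted configuration above is only useful once it is turned into checks. The following Python script is an added example, not part of the sandbox report or of any RedLine tooling: it parses the dump name into a process id and address range and checks it against the reported size, verifies a dump against the reported SHA256, searches raw memory for the C2 host, port and auth_value (RedLine is a .NET program, so its config strings are assumed to sit in memory as UTF-16LE, with an ASCII fallback), and flags connection log lines that reach the C2. The `<pid>-<index>-<start>-<end>-memory.dmp` naming convention, the memory fragment and the log lines are assumptions constructed for illustration, not data from the report.

```python
"""Added example (not from the sandbox report): offline checks built from the
extracted RedLine config. Assumed, not stated on the page: the dump-name
convention <pid>-<index>-<start>-<end>-memory.dmp, UTF-16LE config strings in
memory, and the constructed memory blob and log lines below."""
import hashlib
import re

# Indicators copied from the report.
C2_HOST = "193.233.20.5"
C2_PORT = 4136
AUTH_VALUE = "68aaee25afe3d0ae7d4db09dea02347c"
DUMP_NAME = "560-58-0x0000000002110000-0x0000000002154000-memory.dmp"
REPORTED_SIZE_KB = 272
REPORTED_SHA256 = "f8443060c3a30c6f3b9405ffa30cd0bd38d487c17746e55e9207add0162eaa42"

_DUMP_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<index>\d+)-(?P<start>0x[0-9a-fA-F]+)"
    r"-(?P<end>0x[0-9a-fA-F]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split '<pid>-<index>-<start>-<end>-memory.dmp' (assumed convention)
    into the process id and the dumped virtual address range."""
    m = _DUMP_RE.match(name)
    if m is None:
        raise ValueError(f"unrecognised dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("dump end address must be above start address")
    return {"pid": int(m["pid"]), "index": int(m["index"]),
            "start": start, "end": end, "size": end - start}


def size_matches_report(name, reported_kb):
    """Region length encoded in the name should equal the reported size:
    0x2154000 - 0x2110000 = 0x44000 bytes = 272 KiB for this dump."""
    return parse_dump_name(name)["size"] == reported_kb * 1024


def sha256_matches(data, expected_hex):
    """Check a dump you obtained elsewhere against the report's SHA256
    before treating it as the same artifact."""
    return hashlib.sha256(data).hexdigest() == expected_hex.lower()


def find_config_strings(blob):
    """Locate the config indicators in raw memory. .NET strings are UTF-16LE,
    so that encoding is tried first; ASCII is tried too in case a value was
    copied into a byte buffer. Returns {(indicator, encoding): offset}."""
    needles = {"c2_host": C2_HOST, "c2_port": str(C2_PORT), "auth_value": AUTH_VALUE}
    hits = {}
    for enc_label, enc in (("utf16le", "utf-16-le"), ("ascii", "ascii")):
        for name, value in needles.items():
            offset = blob.find(value.encode(enc))
            if offset != -1:
                hits[(name, enc_label)] = offset
    return hits


def match_c2_in_logs(lines):
    """Flag connection records that reach the C2. ip:port is a high-confidence
    hit; the IP alone on another port is still worth triage, since the same
    host may serve more than one port. Returns [(line_number, confidence)]."""
    ip = re.escape(C2_HOST)
    sock_re = re.compile(rf"(?<![\d.]){ip}:{C2_PORT}(?!\d)")
    ip_re = re.compile(rf"(?<![\d.]){ip}(?!\d|\.\d)")
    hits = []
    for lineno, line in enumerate(lines, start=1):
        if sock_re.search(line):
            hits.append((lineno, "high"))
        elif ip_re.search(line):
            hits.append((lineno, "medium"))
    return hits


# Constructed memory fragment standing in for the real dump (not reproduced
# here): the three config values as NUL-separated UTF-16LE strings after
# 32 bytes of padding.
CONSTRUCTED_DUMP = (
    b"\x00" * 32
    + C2_HOST.encode("utf-16-le") + b"\x00\x00"
    + str(C2_PORT).encode("utf-16-le") + b"\x00\x00"
    + AUTH_VALUE.encode("utf-16-le")
    + b"\x00" * 32
)

# Constructed firewall-style connection records: one C2 socket hit, one
# benign connection, one to the C2 host on a different port.
CONSTRUCTED_LOGS = [
    "2023-02-02T12:01:03Z host=WS01 proto=tcp src=10.0.0.12:51422 dst=193.233.20.5:4136 action=allow",
    "2023-02-02T12:01:05Z host=WS01 proto=tcp src=10.0.0.12:51423 dst=142.250.74.78:443 action=allow",
    "2023-02-02T12:01:09Z host=WS02 proto=tcp src=10.0.0.40:50001 dst=193.233.20.5:443 action=allow",
]

if __name__ == "__main__":
    info = parse_dump_name(DUMP_NAME)
    print(f"pid={info['pid']} range={info['start']:#x}-{info['end']:#x} "
          f"size={info['size']} bytes; matches report: "
          f"{size_matches_report(DUMP_NAME, REPORTED_SIZE_KB)}")
    print("sha256 matches report:", sha256_matches(CONSTRUCTED_DUMP, REPORTED_SHA256))
    print("config strings at:", find_config_strings(CONSTRUCTED_DUMP))
    print("C2 log hits:", match_c2_in_logs(CONSTRUCTED_LOGS))
```

Against the real dump, read the file into `blob` and call `find_config_strings(blob)`; an empty result does not clear the sample, since RedLine may keep the config encoded until use, so treat a hit as confirmation and a miss as inconclusive. The constructed blob naturally fails `sha256_matches` against the reported hash; that check is meant for a dump you pulled yourself.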
