General
-
Target
560-58-0x0000000002110000-0x0000000002154000-memory.dmp
-
Size
272KB
-
Sample
230202-rkr2hsde97
-
MD5
c95a40e2c1aa08573be7f64c2f1c340e
-
SHA1
18452946af3a5b21364a72e82659ee6fe48a8a30
-
SHA256
f8443060c3a30c6f3b9405ffa30cd0bd38d487c17746e55e9207add0162eaa42
-
SHA512
5ffd813f8677acc67bc72ab55a02d39a9eb2dbda44ab1ec45725dbdc5e46b820c53a435261d19308cc7625cf0963a1b6c37efd8a86dbf421335ddf334a90c438
-
SSDEEP
3072:F6jYELp6VFxCjegd9zQRRa0TwOkNwZsmLodSxm4miwo402otLh3An87q3xNn2pUa:F6j+HM9zQPa/5NwpLodSdm2Lhwn87
Behavioral task
behavioral1
Sample
560-58-0x0000000002110000-0x0000000002154000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
560-58-0x0000000002110000-0x0000000002154000-memory.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
redline
milaf
193.233.20.5:4136
-
auth_value
68aaee25afe3d0ae7d4db09dea02347c
Targets
-
-
Target
560-58-0x0000000002110000-0x0000000002154000-memory.dmp
-
Size
272KB
-
MD5
c95a40e2c1aa08573be7f64c2f1c340e
-
SHA1
18452946af3a5b21364a72e82659ee6fe48a8a30
-
SHA256
f8443060c3a30c6f3b9405ffa30cd0bd38d487c17746e55e9207add0162eaa42
-
SHA512
5ffd813f8677acc67bc72ab55a02d39a9eb2dbda44ab1ec45725dbdc5e46b820c53a435261d19308cc7625cf0963a1b6c37efd8a86dbf421335ddf334a90c438
-
SSDEEP
3072:F6jYELp6VFxCjegd9zQRRa0TwOkNwZsmLodSxm4miwo402otLh3An87q3xNn2pUa:F6j+HM9zQPa/5NwpLodSdm2Lhwn87
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-