Overview

overview

10

Static

static

10

1964-110-0...ry.exe

windows7-x64

10

1964-110-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1964-110-0x00000000023F0000-0x0000000002434000-memory.dmp

  • Size

    272KB

  • Sample

    230214-te6zlaee35

  • MD5

    71c939b975f701bf601eabdb3be66cd7

  • SHA1

    07abd2620cc7faa877ccad21f15ad40156d4178e

  • SHA256

    b04a5acc8ee0d105f6273fb2e58eb4faead6378ef9869f0e06fcef090e6ca408

  • SHA512

    1bec1d7757499e06e371583de22436afd00aa0a1f1f899787109c30ccb438887005f9c82592142a1337fe597bf1eb6652302b15fa92079dfccbefc587c9dc719

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wi7:B6jodYx9cYKpzwAAh3nz

Score
10/10
redlinerumainfostealer

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Targets

    • Target

      1964-110-0x00000000023F0000-0x0000000002434000-memory.dmp

    • Size

      272KB

    • MD5

      71c939b975f701bf601eabdb3be66cd7

    • SHA1

      07abd2620cc7faa877ccad21f15ad40156d4178e

    • SHA256

      b04a5acc8ee0d105f6273fb2e58eb4faead6378ef9869f0e06fcef090e6ca408

    • SHA512

      1bec1d7757499e06e371583de22436afd00aa0a1f1f899787109c30ccb438887005f9c82592142a1337fe597bf1eb6652302b15fa92079dfccbefc587c9dc719

    • SSDEEP

      3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wi7:B6jodYx9cYKpzwAAh3nz

    Score
    10/10
    redlinerumainfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks