General
-
Target
1196-56-0x0000000004850000-0x0000000004894000-memory.dmp
-
Size
272KB
-
Sample
230404-eknymsee6z
-
MD5
0629f902985a4473a862305c14f12f56
-
SHA1
fa06c4b11f471f407bcfe58db7467a4bf46b901c
-
SHA256
86508a9acadf0d3556e5f010754ac56ad53260e3137908ad1c4e26244d31192f
-
SHA512
3200c7558e1e7dde53ab7e21ae3a2d2e32a0c9ef5e2f581cd4c8f6f89e3a127027fc8ce840a5253d559823db8f8673f43ab7fa67333a7086cf72a9f27f24671f
-
SSDEEP
3072:C6j1ELs6B3bDCkIopDKmH+Hi0Ji/ep4u0DCjgAo40Jg2Shc+ny6PxG2Z2C9xNn2M:C6jk39IoZKmwLaefGk2ShPny0I
Behavioral task
behavioral1
Sample
1196-56-0x0000000004850000-0x0000000004894000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1196-56-0x0000000004850000-0x0000000004894000-memory.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
Build1
185.189.151.109:36839
-
auth_value
d676f4d8230f2d1faff9a183479712d6
Targets
Target
1196-56-0x0000000004850000-0x0000000004894000-memory.dmp
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-