General
-
Target
828-153-0x0000000002090000-0x00000000020D4000-memory.dmp
-
Size
272KB
-
Sample
240302-vazv6afe53
-
MD5
ffc9a947061b9a59863acd6b594a75e4
-
SHA1
f1a30280209ed7685a2e85b55681d8889b1a0746
-
SHA256
997918073bd1dcb95246a5756c26b4ce920a335dfce370c998a0ab62bba4cf97
-
SHA512
0c220f6ef880dd48303ef1cc0c11fe6508b97bcf4633383cff020b63c6fac02bba582e6a9a61956b9cdf7e3ef71eb7cb5ecb1b1fb15c31542eb518733fbe2306
-
SSDEEP
3072:J6j4ELN6FY9Cff3n0sk+wziR/o40DrNwAhFMnImax8EExNn2pU9f2MKTV/wi4lro:J6jiD30sk+wzYZAhunI7x8
Behavioral task
behavioral1
Sample
828-153-0x0000000002090000-0x00000000020D4000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
828-153-0x0000000002090000-0x00000000020D4000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
mango
193.233.20.28:4125
-
auth_value
ecf79d7f5227d998a3501c972d915d23
Targets
-
-
Target
828-153-0x0000000002090000-0x00000000020D4000-memory.dmp
-
Size
272KB
-
MD5
ffc9a947061b9a59863acd6b594a75e4
-
SHA1
f1a30280209ed7685a2e85b55681d8889b1a0746
-
SHA256
997918073bd1dcb95246a5756c26b4ce920a335dfce370c998a0ab62bba4cf97
-
SHA512
0c220f6ef880dd48303ef1cc0c11fe6508b97bcf4633383cff020b63c6fac02bba582e6a9a61956b9cdf7e3ef71eb7cb5ecb1b1fb15c31542eb518733fbe2306
-
SSDEEP
3072:J6j4ELN6FY9Cff3n0sk+wziR/o40DrNwAhFMnImax8EExNn2pU9f2MKTV/wi4lro:J6jiD30sk+wzYZAhunI7x8
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-