Overview

overview

10

Static

static

10

972-153-0x...ry.exe

windows7-x64

10

972-153-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    972-153-0x00000000049B0000-0x00000000049F4000-memory.dmp

  • Size

    272KB

  • Sample

    240303-amh3ysae9x

  • MD5

    1514424a47acc34590475ead967b5648

  • SHA1

    1e8fd085d2349115e12b8365b39648d7d252aaaa

  • SHA256

    2dedc952761cfd972a04ac323934fa83a575ac0dad8bacdb302d5de5145de3e3

  • SHA512

    db20de1818695f65b4a52e0caa8ecd99f55565db25d8e90b5f15123100cd71e07baaed90e565c70aa411e56faf47783a9dcca0d52a6f02e0dbdb35812a008702

  • SSDEEP

    3072:96jYELp6VFxCCWosai9QFwNsmLo0gacrilo40OTkQhOEnISw+dvoxNn2pU9f2MKL:96j+GosvqFwtLo0yr3QhZnI

Score
10/10
redlinegenainfostealer

Malware Config

Extracted

Family

redline

Botnet

gena

C2

193.233.20.30:4125

Attributes
  • auth_value

    93c20961cb6b06b2d5781c212db6201e

Targets

    • Target

      972-153-0x00000000049B0000-0x00000000049F4000-memory.dmp

    • Size

      272KB

    • MD5

      1514424a47acc34590475ead967b5648

    • SHA1

      1e8fd085d2349115e12b8365b39648d7d252aaaa

    • SHA256

      2dedc952761cfd972a04ac323934fa83a575ac0dad8bacdb302d5de5145de3e3

    • SHA512

      db20de1818695f65b4a52e0caa8ecd99f55565db25d8e90b5f15123100cd71e07baaed90e565c70aa411e56faf47783a9dcca0d52a6f02e0dbdb35812a008702

    • SSDEEP

      3072:96jYELp6VFxCCWosai9QFwNsmLo0gacrilo40OTkQhOEnISw+dvoxNn2pU9f2MKL:96j+GosvqFwtLo0yr3QhZnI

    Score
    10/10
    redlinegenainfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks