General
-
Target
972-153-0x00000000049B0000-0x00000000049F4000-memory.dmp
-
Size
272KB
-
Sample
240303-amh3ysae9x
-
MD5
1514424a47acc34590475ead967b5648
-
SHA1
1e8fd085d2349115e12b8365b39648d7d252aaaa
-
SHA256
2dedc952761cfd972a04ac323934fa83a575ac0dad8bacdb302d5de5145de3e3
-
SHA512
db20de1818695f65b4a52e0caa8ecd99f55565db25d8e90b5f15123100cd71e07baaed90e565c70aa411e56faf47783a9dcca0d52a6f02e0dbdb35812a008702
-
SSDEEP
3072:96jYELp6VFxCCWosai9QFwNsmLo0gacrilo40OTkQhOEnISw+dvoxNn2pU9f2MKL:96j+GosvqFwtLo0yr3QhZnI
Behavioral task
behavioral1
Sample
972-153-0x00000000049B0000-0x00000000049F4000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
972-153-0x00000000049B0000-0x00000000049F4000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
gena
193.233.20.30:4125
-
auth_value
93c20961cb6b06b2d5781c212db6201e
Targets
-
-
Target
972-153-0x00000000049B0000-0x00000000049F4000-memory.dmp
-
Size
272KB
-
MD5
1514424a47acc34590475ead967b5648
-
SHA1
1e8fd085d2349115e12b8365b39648d7d252aaaa
-
SHA256
2dedc952761cfd972a04ac323934fa83a575ac0dad8bacdb302d5de5145de3e3
-
SHA512
db20de1818695f65b4a52e0caa8ecd99f55565db25d8e90b5f15123100cd71e07baaed90e565c70aa411e56faf47783a9dcca0d52a6f02e0dbdb35812a008702
-
SSDEEP
3072:96jYELp6VFxCCWosai9QFwNsmLo0gacrilo40OTkQhOEnISw+dvoxNn2pU9f2MKL:96j+GosvqFwtLo0yr3QhZnI
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-