General
-
Target
2040-57-0x0000000004890000-0x00000000048E8000-memory.dmp
-
Size
352KB
-
Sample
240303-fhqj5ada9s
-
MD5
a86924d566652ef85e2037e85a913d16
-
SHA1
d4b72c756e5235c21df5b8ec8e00b0c169eebd63
-
SHA256
fdb9c24cc4212b6a6be95bf59369d22f83d4b29d7129d85b0202a42aa7cb7a66
-
SHA512
3d72e97e5a691e26782c21a760687cb258820b49185baab3dbf6944762cf0cbbb70e6b43e50f2ffedf06d0a99edb961dd4f271f2371634048d2fc46923edabb6
-
SSDEEP
3072:AgDeulu/VhroeJ+UTWLhaPxQQZvF8WekArT:3lu/L3cU7vF8WekA
Behavioral task
behavioral1
Sample
2040-57-0x0000000004890000-0x00000000048E8000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2040-57-0x0000000004890000-0x00000000048E8000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
2040-57-0x0000000004890000-0x00000000048E8000-memory.dmp
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-