Overview

overview

10

Static

static

10

2040-57-0x...ry.exe

windows7-x64

10

2040-57-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2040-57-0x0000000004890000-0x00000000048E8000-memory.dmp

  • Size

    352KB

  • Sample

    240303-fhqj5ada9s

  • MD5

    a86924d566652ef85e2037e85a913d16

  • SHA1

    d4b72c756e5235c21df5b8ec8e00b0c169eebd63

  • SHA256

    fdb9c24cc4212b6a6be95bf59369d22f83d4b29d7129d85b0202a42aa7cb7a66

  • SHA512

    3d72e97e5a691e26782c21a760687cb258820b49185baab3dbf6944762cf0cbbb70e6b43e50f2ffedf06d0a99edb961dd4f271f2371634048d2fc46923edabb6

  • SSDEEP

    3072:AgDeulu/VhroeJ+UTWLhaPxQQZvF8WekArT:3lu/L3cU7vF8WekA

Score
10/10
redlinefronx2infostealer

Malware Config

Extracted

Family

redline

Botnet

fronx2

C2

fronxtracking.com:80

Attributes
  • auth_value

    0a4100df2644a6a6582137d2da2c8bd1

Targets

    • Target

      2040-57-0x0000000004890000-0x00000000048E8000-memory.dmp

    • Size

      352KB

    • MD5

      a86924d566652ef85e2037e85a913d16

    • SHA1

      d4b72c756e5235c21df5b8ec8e00b0c169eebd63

    • SHA256

      fdb9c24cc4212b6a6be95bf59369d22f83d4b29d7129d85b0202a42aa7cb7a66

    • SHA512

      3d72e97e5a691e26782c21a760687cb258820b49185baab3dbf6944762cf0cbbb70e6b43e50f2ffedf06d0a99edb961dd4f271f2371634048d2fc46923edabb6

    • SSDEEP

      3072:AgDeulu/VhroeJ+UTWLhaPxQQZvF8WekArT:3lu/L3cU7vF8WekA

    Score
    10/10
    redlinefronx2infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks