General
Target: 1612-150-0x0000000004B40000-0x0000000004B84000-memory.dmp
Size: 272KB
Sample: 240303-qcfg3sbe23
MD5: a0ee37b5f4e57f57a9e72cf981f3c0a6
SHA1: 646479ec2e9f4a8ed97e6a10ba6a41a0de80c3eb
SHA256: f52aafb459d232ab0b68c81a1dbd9dfaeecd0552d0f21779f1205308e2600c7c
SHA512: 9aa81c7c891c651a5249aab459b3a4ad427a8a1c955ea9799b8930e0fe6d990b3c8e4cad2c8c75378eba120df6f066071c4d1bf926b083dee7cc32374161b516
SSDEEP: 3072:E6j4ELN6FY9CqZuk6CeakgM+w/TDCegmo40ZThIIhbLnIviPJ13/HxNn2pU9f2Mv:E6jiOZX6CeOM+w//pSqIhvnIvW13
Behavioral task: behavioral1
Sample: 1612-150-0x0000000004B40000-0x0000000004B84000-memory.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1612-150-0x0000000004B40000-0x0000000004B84000-memory.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
redline
boris
193.233.20.32:4125
auth_value: 766b5bdf6dbefcf7ca223351952fc38f
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload