General
Target
1320-149-0x00000000048A0000-0x00000000048E4000-memory.dmp
Size
272KB
Sample
240303-qhv5qaba41
MD5
e73c15153bb1c584a443785cd3b415df
SHA1
1a473eec8df875f501cbad21b8c8dbd946195914
SHA256
676c9696ff162561487553dc7c19b4b9ed1cbeb4a001a469c77490f13154cbeb
SHA512
10846c9bf204c750bcccfb18053e15b76860908ec967615d970fb7f68cc2bf1adaab256a80f51665426c0f9500b6bbbe6fd09a08b9076979ed78ba85823bb0fd
SSDEEP
3072:E6j4ELN6FY9CqZuk6CeakgM+w/TDCegmo40ZThIIhbLnIviPJ13/HxNn2pU9f2Mv:E6jiOZX6CeOM+w//pSqIhvnIvW13
Behavioral task
behavioral1
Sample
1320-149-0x00000000048A0000-0x00000000048E4000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1320-149-0x00000000048A0000-0x00000000048E4000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
boris
193.233.20.32:4125
auth_value
766b5bdf6dbefcf7ca223351952fc38f
Targets
Target
1320-149-0x00000000048A0000-0x00000000048E4000-memory.dmp
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload