General
-
Target
1936-150-0x00000000033F0000-0x0000000003434000-memory.dmp
-
Size
272KB
-
Sample
240303-rkaggabg8z
-
MD5
a99f69c25de0b52fcce110af5410e27f
-
SHA1
965b109292ad3a11a36b61dee31634e9d9999d9f
-
SHA256
ef7be5206189ffd28831dc29eff1f6dd5c58f4b8be534d41c968c56676c9e9f9
-
SHA512
3713bd1e61b945aca51037121b57b2e1d8a5253eee01a27e653aaef963f7a7e3388fb9ed539191e96d45e44eaba67b9105b559cadc258289065fccc06bdef087
-
SSDEEP
3072:E6j4ELN6FY9CqZuk6CeakgM+w/TDCegmo40ZThIIhbLnIviPJ13/HxNn2pU9f2MM:E6jiOZX6CeOM+w//pSqIhvnIvW13
Behavioral task
behavioral1
Sample
1936-150-0x00000000033F0000-0x0000000003434000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1936-150-0x00000000033F0000-0x0000000003434000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
boris
193.233.20.32:4125
-
auth_value
766b5bdf6dbefcf7ca223351952fc38f
Targets
Target
1936-150-0x00000000033F0000-0x0000000003434000-memory.dmp
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload