Overview

overview

10

Static

static

10

1304-148-0...ry.exe

windows7-x64

10

1304-148-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1304-148-0x00000000047B0000-0x00000000047F4000-memory.dmp

  • Size

    272KB

  • Sample

    240303-v6134aeb59

  • MD5

    aca194ebc0c544d94fbb9844e4476e7e

  • SHA1

    a1ccb2985aa5605872bcc1db49523161ba42b8e5

  • SHA256

    a109365d85153ce7ca4f31986ce2919205f6a2c931eb96ec3e09cf7167acd129

  • SHA512

    94af0e9785e46e5b7c75bd9d8147a5b570dbe8f41a58ec1d75d95dd5f82150426a2456c6b48cd92a2a05614fb2cace11a60a962737fd3ca377335aa8ccff8aaa

  • SSDEEP

    3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

Score
10/10
redlinesonyinfostealer

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes
  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4

Targets

    • Target

      1304-148-0x00000000047B0000-0x00000000047F4000-memory.dmp

    • Size

      272KB

    • MD5

      aca194ebc0c544d94fbb9844e4476e7e

    • SHA1

      a1ccb2985aa5605872bcc1db49523161ba42b8e5

    • SHA256

      a109365d85153ce7ca4f31986ce2919205f6a2c931eb96ec3e09cf7167acd129

    • SHA512

      94af0e9785e46e5b7c75bd9d8147a5b570dbe8f41a58ec1d75d95dd5f82150426a2456c6b48cd92a2a05614fb2cace11a60a962737fd3ca377335aa8ccff8aaa

    • SSDEEP

      3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

    Score
    10/10
    redlinesonyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks