Overview

overview

10

Static

static

10

1372-124-0...ry.exe

windows7-x64

10

1372-124-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1372-124-0x0000000004A10000-0x0000000004A54000-memory.dmp

  • Size

    272KB

  • Sample

    240303-v9wb1sde3v

  • MD5

    8938dcd99cf92389b3ad67b2956a53c9

  • SHA1

    2139a710a172e1ad38aca4c9424b09de805cdd01

  • SHA256

    21b39446d5b586fb88965fe0912d36bae95e41f5a29ec4e014dd3f192e3a4bc9

  • SHA512

    5f8abbffd5df4eed8d22befadc106a07b68c4256217322dc70f2807ae4d832955b05e04888e1f82558f85bc12cea825be7f7e6713ead7519e0b73d25a07d2094

  • SSDEEP

    3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/z:Q6jocuVe3W8Y2chqnycP

Score
10/10
redlinesonyinfostealer

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes
  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4

Targets

    • Target

      1372-124-0x0000000004A10000-0x0000000004A54000-memory.dmp

    • Size

      272KB

    • MD5

      8938dcd99cf92389b3ad67b2956a53c9

    • SHA1

      2139a710a172e1ad38aca4c9424b09de805cdd01

    • SHA256

      21b39446d5b586fb88965fe0912d36bae95e41f5a29ec4e014dd3f192e3a4bc9

    • SHA512

      5f8abbffd5df4eed8d22befadc106a07b68c4256217322dc70f2807ae4d832955b05e04888e1f82558f85bc12cea825be7f7e6713ead7519e0b73d25a07d2094

    • SSDEEP

      3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/z:Q6jocuVe3W8Y2chqnycP

    Score
    10/10
    redlinesonyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks