Overview

overview

10

Static

static

10

2036-151-0...ry.exe

windows7-x64

10

2036-151-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2036-151-0x0000000003170000-0x00000000031B4000-memory.dmp

  • Size

    272KB

  • Sample

    240303-vm1cfsda71

  • MD5

    b6b2b6288f5403872a89e5dc70731dcf

  • SHA1

    a54888cd2012506497544a8ccd1a2dc8ce1b6d36

  • SHA256

    383905095f5df28f86460653778efaea11669ed56d87add2d88d33955299e0d3

  • SHA512

    2e997ef3b1a618868ecd40f71d20a748889170c92927559281150b5c2c7a5a3709fd206f62fa9de4fac898b8300179f8ec6298a5ab2f0915baab67d006a41ade

  • SSDEEP

    3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

Score
10/10
redlinesonyinfostealer

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes
  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4

Targets

    • Target

      2036-151-0x0000000003170000-0x00000000031B4000-memory.dmp

    • Size

      272KB

    • MD5

      b6b2b6288f5403872a89e5dc70731dcf

    • SHA1

      a54888cd2012506497544a8ccd1a2dc8ce1b6d36

    • SHA256

      383905095f5df28f86460653778efaea11669ed56d87add2d88d33955299e0d3

    • SHA512

      2e997ef3b1a618868ecd40f71d20a748889170c92927559281150b5c2c7a5a3709fd206f62fa9de4fac898b8300179f8ec6298a5ab2f0915baab67d006a41ade

    • SSDEEP

      3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

    Score
    10/10
    redlinesonyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks