Overview

overview

10

Static

static

10

956-149-0x...ry.exe

windows7-x64

10

956-149-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    956-149-0x0000000002870000-0x00000000028B4000-memory.dmp

  • Size

    272KB

  • Sample

    240303-x755jsfe65

  • MD5

    631d21768f125a14d1449cf7bede7f91

  • SHA1

    6f01e0b30b12662ea4ab06246e20fa395942e479

  • SHA256

    d92037b931e4da3e6a256031931130de91ff2056cd3397593bd225f5af6527ef

  • SHA512

    dbd6cb55f8ffeb6f972bd1e87c21297e5c00e2b0c311add7a17c8a341b3b02cddb1b0ade5ad2da910a6a53c5ffab58841aa2d96bdef6510f98c0c38a6b886072

  • SSDEEP

    3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

Score
10/10
redlinesonyinfostealer

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes
  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4

Targets

    • Target

      956-149-0x0000000002870000-0x00000000028B4000-memory.dmp

    • Size

      272KB

    • MD5

      631d21768f125a14d1449cf7bede7f91

    • SHA1

      6f01e0b30b12662ea4ab06246e20fa395942e479

    • SHA256

      d92037b931e4da3e6a256031931130de91ff2056cd3397593bd225f5af6527ef

    • SHA512

      dbd6cb55f8ffeb6f972bd1e87c21297e5c00e2b0c311add7a17c8a341b3b02cddb1b0ade5ad2da910a6a53c5ffab58841aa2d96bdef6510f98c0c38a6b886072

    • SSDEEP

      3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP

    Score
    10/10
    redlinesonyinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks