General
-
Target
956-149-0x0000000002870000-0x00000000028B4000-memory.dmp
-
Size
272KB
-
Sample
240303-x755jsfe65
-
MD5
631d21768f125a14d1449cf7bede7f91
-
SHA1
6f01e0b30b12662ea4ab06246e20fa395942e479
-
SHA256
d92037b931e4da3e6a256031931130de91ff2056cd3397593bd225f5af6527ef
-
SHA512
dbd6cb55f8ffeb6f972bd1e87c21297e5c00e2b0c311add7a17c8a341b3b02cddb1b0ade5ad2da910a6a53c5ffab58841aa2d96bdef6510f98c0c38a6b886072
-
SSDEEP
3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP
Behavioral task
behavioral1
Sample
956-149-0x0000000002870000-0x00000000028B4000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
956-149-0x0000000002870000-0x00000000028B4000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
sony
193.233.20.33:4125
-
auth_value
1d93d1744381eeb4fcfd7c23ffe0f0b4
Targets
-
-
Target
956-149-0x0000000002870000-0x00000000028B4000-memory.dmp
-
Size
272KB
-
MD5
631d21768f125a14d1449cf7bede7f91
-
SHA1
6f01e0b30b12662ea4ab06246e20fa395942e479
-
SHA256
d92037b931e4da3e6a256031931130de91ff2056cd3397593bd225f5af6527ef
-
SHA512
dbd6cb55f8ffeb6f972bd1e87c21297e5c00e2b0c311add7a17c8a341b3b02cddb1b0ade5ad2da910a6a53c5ffab58841aa2d96bdef6510f98c0c38a6b886072
-
SSDEEP
3072:Q6jIELf6FDTCjhnTzO6w/et1WuDCvgxo40TnCch36nycRt7fwxNn2pU9f2MKTV/C:Q6jocuVe3W8Y2chqnycP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-