General
- Target: 4c07db3ffa2649a5a6455667ab46c68562116bccbf403d8cdee5b65a3f7c6b10
- Size: 152KB
- Sample: 220926-fggktsafcr
- MD5: 42dc344da32903e474e9ad7d536b7f2c
- SHA1: 95d2e7714be79fd0caa3bf5b738193597bbae0d5
- SHA256: 4c07db3ffa2649a5a6455667ab46c68562116bccbf403d8cdee5b65a3f7c6b10
- SHA512: 30f4087410685969d7223efe6214546beff87cb9a25edb805105a0b8733468155968ce87ab27c00ce13dbcb4b9f934241ca00fa5b7a3d153e45ec6c51cfd1c0d
- SSDEEP: 3072:naa1zstdG5jzSJOTUy+U1G1Z4kHB7s86fRRq05x:RI61G1Zj6Rq
Static task: static1
Behavioral task: behavioral1
- Sample: 4c07db3ffa2649a5a6455667ab46c68562116bccbf403d8cdee5b65a3f7c6b10.exe
- Resource: win10-20220901-en
Malware Config
Extracted
- redline
- LogsDiller Cloud (TG: @mr_golds)
- 77.73.134.27:7161
- auth_value: 4b2de03af6b6ac513ac597c2e6c1ad51
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Suspicious use of SetThreadContext