redline | 71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
Size

2.5MB
Sample

221101-lyy44abdhq
MD5

ae4706a07a1483095cbb7d21d9bb15ef
SHA1

b4cea0e55de6af32949301b217f73a5b3b2c5e4c
SHA256

71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
SHA512

2c2f34cc43fe898f453b40a46b1f3bd96a74bc6882634b71675ae25d65cfc1f0e2863a99803c4edd3275012a8afbfb89492b0c0169bc3569ca967d6bab2c375d
SSDEEP

24576:tZKcYhEYcwpYQYC+aQXi3MKbdIRHGOw6bdgvTLesl1oho4yQALwrkl3RuQ55313w:tAnhjck+Jdbhho4yQAll3q

Score

10^/10

redline logsdiller cloud (sup: @mr_golds)infostealer

Static task

static1

Behavioral task

behavioral1

Sample

71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6.exe

Resource

win7-20220812-en

redline logsdiller cloud (sup: @mr_golds)infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6.exe

Resource

win10-20220812-en

redline logsdiller cloud (sup: @mr_golds)infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Sup: @mr_golds)

C2

193.233.193.14:8163

Attributes

auth_value
56c6f7b9024c076f0a96931453da7e56

Targets

- Target
  
  71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
- Size
  
  2.5MB
- MD5
  
  ae4706a07a1483095cbb7d21d9bb15ef
- SHA1
  
  b4cea0e55de6af32949301b217f73a5b3b2c5e4c
- SHA256
  
  71db9fe75ae7ee5e107682e5df9a108a92f174e0368105728843c37598c1cab6
- SHA512
  
  2c2f34cc43fe898f453b40a46b1f3bd96a74bc6882634b71675ae25d65cfc1f0e2863a99803c4edd3275012a8afbfb89492b0c0169bc3569ca967d6bab2c375d
- SSDEEP
  
  24576:tZKcYhEYcwpYQYC+aQXi3MKbdIRHGOw6bdgvTLesl1oho4yQALwrkl3RuQ55313w:tAnhjck+Jdbhho4yQAll3q
Score

10^/10

redline logsdiller cloud (sup: @mr_golds)infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinelogsdiller cloud (sup: @mr_golds)infostealer

behavioral2

redlinelogsdiller cloud (sup: @mr_golds)infostealer

© 2018-2024

Terms | Privacy