General
Target: Discord Logger V4.exe
Size: 191KB
Sample: 230223-3cjwqahd87
MD5: f1a5d668b65f4db0c423ed6e9239e217
SHA1: 17d986b65eef4389f0c311730a06ff062499adf1
SHA256: 1f9843ff169fa572bc715c398ccb74e6d04232ae9a2f23d964d839bea5a94cae
SHA512: ea3f14a32718e4002cde81c5a32384d6ccfc6206571425fd0ac47dcddb5dfc7a9d7a836dcba6360e06f7a2faa88ab4efe3b6d7dab24c66abd1579b9065eaac0c
SSDEEP: 3072:7OvZrP9bo8BdUayvjKRTtTO2NMmBM155t3S9CuVkXGsG4Ii+qJAmx8:7OBrFbo8BdE1sMnvSEkkvG4kquh
Static task: static1
Behavioral task: behavioral1
Sample: Discord Logger V4.exe
Resource: win7-20230220-en

Malware Config
Extracted:
- redline
- cheat
- 83.150.217.106:26463
Targets
Target: Discord Logger V4.exe
Size: 191KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine payload
- SectopRAT payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext