General
Target: d402aec3dc56d6b77d17685e5c6ba4ca.bin
Size: 240KB
Sample: 230610-ct9wcseg5v
MD5: 0442004556190a5a77233337d59707cc
SHA1: a025e3791bbe12a4302dce38f56030337bdaf032
SHA256: f755e2eb33908192d563d87f0ff6fbb722fbb2b8561cfe9bf383cdb291d8fe85
SHA512: 0fc7d73ec274f2ea292e8b6d2d6861f63c50b718a4c323f72be1fc5bcf90f76bdd8733489ed2672c1ba90bed9cbc0544a537a389bdea0d4b25680caa75115d1e
SSDEEP: 6144:AUDagutTSj9F76573aSxMvWZD3uC50fBFiz:riSjH767jkSq7iz
Static task: static1
Behavioral task: behavioral1
Sample: 02faea4481281e7d6e4bd48f06e969b6a9854d4746525af6ccae7a9748b49b95.exe
Resource: win7-20230220-en
Malware Config
Extracted: redline
LogsDiller Cloud (Telegram: @logsdillabot)
147.135.231.58:39396
auth_value: c2955ed3813a798683a185a82e949f88
Targets
Target: 02faea4481281e7d6e4bd48f06e969b6a9854d4746525af6ccae7a9748b49b95.exe
Size: 366KB
MD5: d402aec3dc56d6b77d17685e5c6ba4ca
SHA1: f867b9cc5aebc7e842c2201b0ace55f311d8b49d
SHA256: 02faea4481281e7d6e4bd48f06e969b6a9854d4746525af6ccae7a9748b49b95
SHA512: 4dcd96e71fc802ff60043ee8867a4f05e70ee6a6fb7948f30499b48963aba490af6b3cc1096e694965e8336c466cfff08fd73fd2a0ac70a8d9e7444bc3581466
SSDEEP: 6144:T542pYxE5tayWiTndiZI1sxgsHwtjahCaJHhgsq:T+2paUayWcnIZIEgvabg

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.