redline | 47aea7aea579cb10266d4d100542eeeb3ec6864a1e4b26f21231b29020e0bfb3 | Triage

Sharing

General

Target

6d3a88a202ef9616439751588421a6de.bin
Size

203KB
Sample

230716-b3vmcscc37
MD5

540bd551773a0b07aa4952d3c5b2ad4e
SHA1

a492e5eac10f6cb822ced4248e7858c3e427b2ae
SHA256

47aea7aea579cb10266d4d100542eeeb3ec6864a1e4b26f21231b29020e0bfb3
SHA512

9875b92653944245dacebca8d30467238d8a830fb2fc000f1854197e17ae61139b8f05cc1d48b8b43f02cbfe2b5ab59fab2cbf3378a26267de828b97dff7b43a
SSDEEP

3072:mTFUdyUWQ1N7ek5mw9gQYXzxsvyu6xvw5MwMnGj6vWMDxhGCJQJfeEA17t:mTFUdy0PwXzxsafVwCwIGj6vWgb1z17t

Score

10^/10

redline logsdiller cloud (bot: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Bot: @logsdillabot)

C2

147.135.165.22:17748

Attributes

auth_value
ed000008c0b59caf793b48c8ea9a7233

Targets

- Target
  
  b57de37a80f74078a963dfc2ef5881250be4935b0dce103af1e1479195c09876.exe
- Size
  
  243KB
- MD5
  
  6d3a88a202ef9616439751588421a6de
- SHA1
  
  36830e973c50a88f0e49a201730af3e04c995c1f
- SHA256
  
  b57de37a80f74078a963dfc2ef5881250be4935b0dce103af1e1479195c09876
- SHA512
  
  59238849991a211296921af9861040bb35d0737f49320a6480d490af73509cc53f97a1c096e977a0dafb4c931bdbb7767c396e2340d9e67357c12608bd37cafd
- SSDEEP
  
  3072:YQLkmP451iuiDJYFPINDXQ38UT5xS5FEOcuuaKthrHeRKYIbWpu4E5I8:rLkmAkoKuOpudeRCKpui8
Score

10^/10

redline logsdiller cloud (bot: @logsdillabot)infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinelogsdiller cloud (bot: @logsdillabot)infostealer

behavioral2