Analysis
- max time kernel: 140s
- max time network: 152s
- platform: windows7_x64
- resource: win7-20230712-en
- resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
- submitted: 16/07/2023, 02:02
Static task
static1
Behavioral task
behavioral1
Sample
549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe
Resource
win10v2004-20230703-en
General
-
Target
549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe
-
Size
243KB
-
MD5
a477e784517edb8205cd457bc48b3815
-
SHA1
aa5056861b6734362185e3f864832175da0f70b0
-
SHA256
549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c
-
SHA512
961ab6cb49e96b473571e4ac64d5a0c870f3ef6047ba5aa48cf4d9b7a8d4d1c0ba0a8d4d2890acc0aec1c8a3e809ed76b35606ed96c92a34255a810d7f3d621d
-
SSDEEP
6144:BLk847qGHjoltg7qZ0unKBxrDU/xuM466dQeTJ+:Bf6Dcg7qLyrDSxPGdQSA
Malware Config
Extracted
redline
LogsDiller Cloud (Telegram: @logsdillabot)
147.135.165.22:17748
-
auth_value
c2955ed3813a798683a185a82e949f88
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.