General
-
Target
f2bb4e90fd8a61c6e8d8195b09acabcdd4c0791c3a152f4f1b7753fb6a93d51c
-
Size
411KB
-
Sample
230802-x4fqgsaf5z
-
MD5
fddd27d4a68bbf8a7e6f403322451160
-
SHA1
d9cee98522e86a6b217ff98f0572eea8ea1ce29e
-
SHA256
f2bb4e90fd8a61c6e8d8195b09acabcdd4c0791c3a152f4f1b7753fb6a93d51c
-
SHA512
d664bb94867130b3f3782a0564b3cee70975cdad6911bee46a4dec1dccdefe479784b88c4776998add60d3fdffb524edf6cea5655d46bf655b0959f6b202340e
-
SSDEEP
6144:IFI31h9CLVGhUc5JFWy7pCl62RGzyENGjGHPcw:IiTCLIFWaAl6nyLiv
Static task
static1
Behavioral task
behavioral1
Sample
f2bb4e90fd8a61c6e8d8195b09acabcdd4c0791c3a152f4f1b7753fb6a93d51c.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-