General
-
Target
1552-319-0x0000000003FD0000-0x0000000004004000-memory.dmp
-
Size
208KB
-
Sample
230803-j1er5acb65
-
MD5
0f79fbe2bc9cf4a8328154d7fbe05df2
-
SHA1
26305fd5ff14b060e96a1b2c2ba848253ef22460
-
SHA256
9cff1247284a27300c7562f1720a5dec271426bd4b7b647e3571e52194b86bff
-
SHA512
878801013126bd7e03ecf1b203cab21d3e0a2d432d8252f84497dbbb5d7e067b5dd12645ae9816a51e81ac49dcd9e78f753b40830cf4bcb3535e4d2ad96f941c
-
SSDEEP
3072:MW3s69VvJMzabHEt82BCHJam9UlCQXD/2brWI4+okzBby/8e8hg:p3s6NMzaBJpK+brWIFdS
Behavioral task
behavioral1
Sample
1552-319-0x0000000003FD0000-0x0000000004004000-memory.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
1552-319-0x0000000003FD0000-0x0000000004004000-memory.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
1552-319-0x0000000003FD0000-0x0000000004004000-memory.dmp
-
Size
208KB
-
MD5
0f79fbe2bc9cf4a8328154d7fbe05df2
-
SHA1
26305fd5ff14b060e96a1b2c2ba848253ef22460
-
SHA256
9cff1247284a27300c7562f1720a5dec271426bd4b7b647e3571e52194b86bff
-
SHA512
878801013126bd7e03ecf1b203cab21d3e0a2d432d8252f84497dbbb5d7e067b5dd12645ae9816a51e81ac49dcd9e78f753b40830cf4bcb3535e4d2ad96f941c
-
SSDEEP
3072:MW3s69VvJMzabHEt82BCHJam9UlCQXD/2brWI4+okzBby/8e8hg:p3s6NMzaBJpK+brWIFdS
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-