General
-
Target
93e1c628d0aed6d6e5fce557edc6079629e29181f87037a8d47585b06dbb005b
-
Size
367KB
-
Sample
230803-jggglsca58
-
MD5
0c7ea4c9f6ed40d241aab1cccec64e25
-
SHA1
661d0c69cc3f00e5a0d103b2ca8107055fbc17ab
-
SHA256
93e1c628d0aed6d6e5fce557edc6079629e29181f87037a8d47585b06dbb005b
-
SHA512
97f60c0fecfe271952245ee7a47c0a4b144168bd1b3adf52599616fb1a1b7fbbd245b89ea3a2d8f0c932d596ab91027e6918f43373b3b39348605ebc7d495cbb
-
SSDEEP
3072:6kK3KMZsP7gLu1AEuT8o1QvjpFdmg9ZB+fGViaGsrQYnX2ZwI62qXhSk+UcgQYF4:yRZsPMLu15zo8FdgfGOaQQi6hRcU0Y
Static task
static1
Behavioral task
behavioral1
Sample
93e1c628d0aed6d6e5fce557edc6079629e29181f87037a8d47585b06dbb005b.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
93e1c628d0aed6d6e5fce557edc6079629e29181f87037a8d47585b06dbb005b
-
Size
367KB
-
MD5
0c7ea4c9f6ed40d241aab1cccec64e25
-
SHA1
661d0c69cc3f00e5a0d103b2ca8107055fbc17ab
-
SHA256
93e1c628d0aed6d6e5fce557edc6079629e29181f87037a8d47585b06dbb005b
-
SHA512
97f60c0fecfe271952245ee7a47c0a4b144168bd1b3adf52599616fb1a1b7fbbd245b89ea3a2d8f0c932d596ab91027e6918f43373b3b39348605ebc7d495cbb
-
SSDEEP
3072:6kK3KMZsP7gLu1AEuT8o1QvjpFdmg9ZB+fGViaGsrQYnX2ZwI62qXhSk+UcgQYF4:yRZsPMLu15zo8FdgfGOaQQi6hRcU0Y
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-