General

  • Target

    a93e241643a3048e674a1bd46201dbdf82ae7463aeb78cbf96aa559a8f37e8a0

  • Size

    360KB

  • Sample

    230803-pxekvaed7s

  • MD5

    12818e0b2ac30c56a177b57efd0bcdb6

  • SHA1

    e63fb2819132f64657af40d1f0781b49837588a7

  • SHA256

    a93e241643a3048e674a1bd46201dbdf82ae7463aeb78cbf96aa559a8f37e8a0

  • SHA512

    2ce8882dc58b038d0a056454a4f1fd2c03af3a6321bbbd24b4d1cd3d676299cc8bd0be4443a1107d0282027b2bc3daed3e2922348f2692d1e4f072864a0bd819

  • SSDEEP

    6144:8eWUiZSLCz4gSQqp0diO0hTuHgMBFDUz7wSoIRp1P0Kqtj:eUi8Oz7wDFTlMBFUPwSoIj1crt

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 51.89.201.49:6932
  • Attributes: auth_value = 3a050df92d0cf082b2cdaf87863616be

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks