General
Target: b088208e9b1dc40a80d6b6c18734e2744ae1e1b7a5774a186845faaecc8bb427
Size: 360KB
Sample: 230803-s458xsdh82
MD5: 10b2f5cdea9a98fcd33b99b153bb6ec0
SHA1: 8c4e2a447031ee7c1a1a3739d1774153a0562a6c
SHA256: b088208e9b1dc40a80d6b6c18734e2744ae1e1b7a5774a186845faaecc8bb427
SHA512: f771ebb64e8b04f2fe2d3196c7822b1800fd8debba60b5abe141946242a88955a86033bb68909cc818dbbbb387ce8984262cfe43349a633166876d67180f42e3
SSDEEP: 6144:RyvIig6LF5087eKbuMTaMI1JNQ1m/iawMN2/KYZqY:UIirZ508qdetIXNQ88h1
Static task: static1
Behavioral task: behavioral1
Sample: b088208e9b1dc40a80d6b6c18734e2744ae1e1b7a5774a186845faaecc8bb427.exe
Resource: win10-20230703-en
Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
Target: b088208e9b1dc40a80d6b6c18734e2744ae1e1b7a5774a186845faaecc8bb427
Size: 360KB
MD5: 10b2f5cdea9a98fcd33b99b153bb6ec0
SHA1: 8c4e2a447031ee7c1a1a3739d1774153a0562a6c
SHA256: b088208e9b1dc40a80d6b6c18734e2744ae1e1b7a5774a186845faaecc8bb427
SHA512: f771ebb64e8b04f2fe2d3196c7822b1800fd8debba60b5abe141946242a88955a86033bb68909cc818dbbbb387ce8984262cfe43349a633166876d67180f42e3
SSDEEP: 6144:RyvIig6LF5087eKbuMTaMI1JNQ1m/iawMN2/KYZqY:UIirZ508qdetIXNQ88h1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting