General
-
Target
bcfec7d4a960c400264f1a316e4440f9b4e37f49a2341a909d1f06e78675f1f4
-
Size
357KB
-
Sample
230803-ytw56ahb7t
-
MD5
0ad9ff932e0783ce8cca1b1c61dde9c3
-
SHA1
a23dba70dc125445830a9b4b9d4984ceb888d23b
-
SHA256
bcfec7d4a960c400264f1a316e4440f9b4e37f49a2341a909d1f06e78675f1f4
-
SHA512
8c2254e88ecf0ed654b5880e57056d2f6608c3d9b563644a8c8350cb53ef4bc1f2a2793d11759a2040aec9457711ed7ea47e1f348271e70eff46cd3b410e9c0f
-
SSDEEP
6144:CaiNqLg1RLPVZ+8UsVhxUXm7cGVyGrsHGDsGh74NNnTC:Cai0c1prpthU3CUtGh7oZC
Static task
static1
Behavioral task
behavioral1
Sample
bcfec7d4a960c400264f1a316e4440f9b4e37f49a2341a909d1f06e78675f1f4.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
bcfec7d4a960c400264f1a316e4440f9b4e37f49a2341a909d1f06e78675f1f4
-
Size
357KB
-
MD5
0ad9ff932e0783ce8cca1b1c61dde9c3
-
SHA1
a23dba70dc125445830a9b4b9d4984ceb888d23b
-
SHA256
bcfec7d4a960c400264f1a316e4440f9b4e37f49a2341a909d1f06e78675f1f4
-
SHA512
8c2254e88ecf0ed654b5880e57056d2f6608c3d9b563644a8c8350cb53ef4bc1f2a2793d11759a2040aec9457711ed7ea47e1f348271e70eff46cd3b410e9c0f
-
SSDEEP
6144:CaiNqLg1RLPVZ+8UsVhxUXm7cGVyGrsHGDsGh74NNnTC:Cai0c1prpthU3CUtGh7oZC
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-