General
Target: d885f65a9ce48c9239080cbcc5f74744259bdad1dd963dda13948ea9c294489d
Size: 390KB
Sample: 230804-3pqvssgb41
MD5: a0ad82474baf7bc4a088d79b9f6561f0
SHA1: 953ef4caaeaa27088192e5e9aa0b684c19b419ba
SHA256: d885f65a9ce48c9239080cbcc5f74744259bdad1dd963dda13948ea9c294489d
SHA512: 33255ad77e082cf2c8b11f6454405c7fd9f5f5cd8e69edfda23b021fa7ac86c1b0a5c52f17eddeb2c2fbcb28f3c7301f1b2f8020825f86e443ef56ad2103b178
SSDEEP: 6144:MzOBkIbNW8Nl9f1kTs8SYWbcRGhFe++/C90kbJ3fC:MyBkIR2THSFbBP9t3f
Static task: static1
Behavioral task: behavioral1
Sample: d885f65a9ce48c9239080cbcc5f74744259bdad1dd963dda13948ea9c294489d.exe
Resource: win10-20230703-en
Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
Target: d885f65a9ce48c9239080cbcc5f74744259bdad1dd963dda13948ea9c294489d
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting