General
- Target: 9bf5338dd92e17b929494089b0d9c149998cc09a12936a683aa354fa7e6aae8a
- Size: 394KB
- Sample: 230804-f4mqcshf93
- MD5: 46391a61c6d720ddea8b9ef6b646750c
- SHA1: b64b2ee4b33de93fcedc7630fd83ee5cb99d873b
- SHA256: 9bf5338dd92e17b929494089b0d9c149998cc09a12936a683aa354fa7e6aae8a
- SHA512: 354f7a0c12f2e71e54e8f1475d67d46ae7a0bb6c74b4ffe4afd63eee97392b37c9b592d85a79c7dc668a0bca9dc76689d107f12616492833571a550924325b6a
- SSDEEP: 3072:pGPu1+df4q9S7HqZodJA4i391kFaT2lyJqqjoBaxpdQHJKNYZl9H5tYb7v6tKeDM:muox9qbc91kFaT2QIBNH2E9Ztyv6we

Static task: static1

Behavioral task: behavioral1
- Sample: 9bf5338dd92e17b929494089b0d9c149998cc09a12936a683aa354fa7e6aae8a.exe
- Resource: win10-20230703-en

Malware Config
- Extracted: redline
- LogsDiller Cloud (TG: @logsdillabot)
- 51.89.201.49:6932
- auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
- Target: 9bf5338dd92e17b929494089b0d9c149998cc09a12936a683aa354fa7e6aae8a
- Size: 394KB
- MD5: 46391a61c6d720ddea8b9ef6b646750c
- SHA1: b64b2ee4b33de93fcedc7630fd83ee5cb99d873b
- SHA256: 9bf5338dd92e17b929494089b0d9c149998cc09a12936a683aa354fa7e6aae8a
- SHA512: 354f7a0c12f2e71e54e8f1475d67d46ae7a0bb6c74b4ffe4afd63eee97392b37c9b592d85a79c7dc668a0bca9dc76689d107f12616492833571a550924325b6a
- SSDEEP: 3072:pGPu1+df4q9S7HqZodJA4i391kFaT2lyJqqjoBaxpdQHJKNYZl9H5tYb7v6tKeDM:muox9qbc91kFaT2QIBNH2E9Ztyv6we
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting