General
-
Target
c01006bcd4b3144b6121fc524c4818d9bc61b429b3c655ef9f22bc3df8628934
-
Size
395KB
-
Sample
230804-fq3vesag3y
-
MD5
6940d9426d5ec3992329da17c01dd2a5
-
SHA1
4d6dd8f8260e8851369cef04e2db1b01691da6af
-
SHA256
c01006bcd4b3144b6121fc524c4818d9bc61b429b3c655ef9f22bc3df8628934
-
SHA512
5e64a072a1edc9e272888a0785fee8d4b5c320a02d30b63a0c8c1c2ffb3166c4382ca264bdccacb1d566185c8fa039bb614dbb8caf656a6a450ea99d2228eecc
-
SSDEEP
6144:h+uh1vF+XRR4qTXqALqfOdA8qi40MIIfkvQUC:Xh1v8XRR4qTXOfOdVq8Lo
Static task
static1
Behavioral task
behavioral1
Sample
c01006bcd4b3144b6121fc524c4818d9bc61b429b3c655ef9f22bc3df8628934.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
c01006bcd4b3144b6121fc524c4818d9bc61b429b3c655ef9f22bc3df8628934
-
Size
395KB
-
MD5
6940d9426d5ec3992329da17c01dd2a5
-
SHA1
4d6dd8f8260e8851369cef04e2db1b01691da6af
-
SHA256
c01006bcd4b3144b6121fc524c4818d9bc61b429b3c655ef9f22bc3df8628934
-
SHA512
5e64a072a1edc9e272888a0785fee8d4b5c320a02d30b63a0c8c1c2ffb3166c4382ca264bdccacb1d566185c8fa039bb614dbb8caf656a6a450ea99d2228eecc
-
SSDEEP
6144:h+uh1vF+XRR4qTXqALqfOdA8qi40MIIfkvQUC:Xh1v8XRR4qTXOfOdVq8Lo
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-