General

Target: a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be
Size: 396KB
Sample: 230804-s6hweadc7x
MD5: 549a44c2aa3e12207c4fed20f1c22b7b
SHA1: 00db5d1bde07c9e2ef6f02688cc5e25a361bcb1e
SHA256: a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be
SHA512: b7b6f14b3d49258300f3afac4c0412608c57e43e55b713ae12b5f2034af09723bcaf1b48cdc87f3ba4a324e7516de68d2586e72a609d26c3cbf0f589ee678736
SSDEEP: 3072:DXoQigYZnZeWK7DUzpr7t5XZHHKRcS+axGrPnYzcxlDM2W1eBF32sxulLvyb/1qF:Tm51ZehvU9jOZQrvlC1VB1vy8DJRIb

Static task: static1
Behavioral task: behavioral1
Sample: a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be.exe
Resource: win10-20230703-en
Malware Config

Extracted: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 51.89.201.49:6932
auth_value: 3a050df92d0cf082b2cdaf87863616be
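The hashes and extracted config above are only useful once they are checked and matched against something. The following is an added Python example written for this page; it is not Triage's code and not part of the report. It verifies a candidate file against all four report digests (so you know you are detonating or signing the same sample), parses the extracted config block into structured fields, and runs the C2 indicator over a handful of constructed iptables-style log lines. Reading the second config line as the botnet name and the third as the C2 host:port is my labelling of the report's layout, and the sample log lines are constructed for the example, not taken from the report.

```python
"""Triage helpers for the RedLine report above (added example, not Triage's
own code). Field names 'botnet' and 'c2' are assumed labels for the second
and third config lines; SAMPLE_LOGS below are constructed, not from the report.
"""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# Digests copied from the report above.
REPORT_HASHES = {
    "md5": "549a44c2aa3e12207c4fed20f1c22b7b",
    "sha1": "00db5d1bde07c9e2ef6f02688cc5e25a361bcb1e",
    "sha256": "a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be",
    "sha512": (
        "b7b6f14b3d49258300f3afac4c0412608c57e43e55b713ae12b5f2034af09723"
        "bcaf1b48cdc87f3ba4a324e7516de68d2586e72a609d26c3cbf0f589ee678736"
    ),
}

# The extracted config block exactly as the report lists it.
REDLINE_CONFIG = """\
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
auth_value
3a050df92d0cf082b2cdaf87863616be
"""


def verify_sample(data: bytes, expected: dict[str, str] = REPORT_HASHES) -> dict[str, bool]:
    """Return, per algorithm, whether `data` hashes to the expected value.
    One mismatch means this is not the analysed file, so check every entry."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest.lower()
        for algo, digest in expected.items()
    }


@dataclass(frozen=True)
class RedLineConfig:
    family: str
    botnet: str      # assumed meaning of the second config line
    c2_host: str
    c2_port: int
    auth_value: str


_HOST_PORT = re.compile(r"^(?P<host>[^\s:]+):(?P<port>\d{1,5})$")


def parse_redline_config(text: str) -> RedLineConfig:
    """Parse the report's layout: family, botnet, host:port, then the key
    'auth_value' with its value on the following line."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) < 3:
        raise ValueError("config block too short")
    family, botnet, c2 = lines[:3]
    m = _HOST_PORT.match(c2)
    if not m:
        raise ValueError(f"unrecognised C2 line: {c2!r}")
    port = int(m.group("port"))
    if not 0 < port < 65536:
        raise ValueError(f"C2 port out of range: {port}")
    auth = ""
    if "auth_value" in lines[3:]:
        idx = lines.index("auth_value", 3)
        if idx + 1 < len(lines):
            auth = lines[idx + 1]
    return RedLineConfig(family, botnet, m.group("host"), port, auth)


# Constructed iptables-style log lines for the example (not from the report).
SAMPLE_LOGS = [
    "Aug 04 12:01:02 fw kernel: OUT src=10.0.0.15 dst=51.89.201.49 dpt=6932 proto=TCP",
    "Aug 04 12:01:05 fw kernel: OUT src=10.0.0.15 dst=151.89.201.49 dpt=6932 proto=TCP",
    "Aug 04 12:01:09 fw kernel: OUT src=10.0.0.22 dst=51.89.201.49 dpt=443 proto=TCP",
    "Aug 04 12:02:40 fw kernel: OUT src=10.0.0.31 dst=51.89.201.49 dpt=6932 proto=TCP",
]

_DST = re.compile(r"dst=(?P<ip>[\d.]+)\s+dpt=(?P<port>\d+)")


def find_c2_connections(log_lines: list[str], cfg: RedLineConfig) -> list[str]:
    """Return log lines whose parsed destination equals the C2 host and port.
    Comparing parsed fields rather than substring-searching avoids false hits
    on 151.89.201.49 or on port 69321."""
    hits = []
    for line in log_lines:
        m = _DST.search(line)
        if m and m.group("ip") == cfg.c2_host and int(m.group("port")) == cfg.c2_port:
            hits.append(line)
    return hits


if __name__ == "__main__":
    cfg = parse_redline_config(REDLINE_CONFIG)
    print(cfg)
    print(verify_sample(b"not the sample"))   # every entry False: wrong file
    for hit in find_c2_connections(SAMPLE_LOGS, cfg):
        print("C2 contact:", hit)
```

Run `verify_sample` on the actual bytes before any further work on the file; if any entry is False you have a different sample than the one this report describes. The second constructed log line (a longer IP that merely contains the C2 address) and the third (right host, wrong port) are there to show why the match is on parsed fields.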
Targets

Target: a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be
Size: 396KB
MD5: 549a44c2aa3e12207c4fed20f1c22b7b
SHA1: 00db5d1bde07c9e2ef6f02688cc5e25a361bcb1e
SHA256: a8f7e5e66722849161aac143c18a8891b0468160f7624cd9a18503a711c5d5be
SHA512: b7b6f14b3d49258300f3afac4c0412608c57e43e55b713ae12b5f2034af09723bcaf1b48cdc87f3ba4a324e7516de68d2586e72a609d26c3cbf0f589ee678736
SSDEEP: 3072:DXoQigYZnZeWK7DUzpr7t5XZHHKRcS+axGrPnYzcxlDM2W1eBF32sxulLvyb/1qF:Tm51ZehvU9jOZQrvlC1VB1vy8DJRIb

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting