General
-
Target
740fe7aa940c0e23a6bdb2cff01204f5a0dd66d158389b1fb6b4206076271e1d
-
Size
390KB
-
Sample
230805-dp9kgafd48
-
MD5
4cbf6eb5f5920e11cab73dafe5e0e0b9
-
SHA1
5c15f06f971107cfa43edb07f11243092a3aeb9d
-
SHA256
740fe7aa940c0e23a6bdb2cff01204f5a0dd66d158389b1fb6b4206076271e1d
-
SHA512
613d075d13b6b49ab11a8f7d9aee503eb5c8c9d429d2c4983a348e8c9100731270fe4a12f8a25e74b1f00c15dca3036e3fc726fbe9dc10be2a1d9612338cf7d0
-
SSDEEP
3072:mUjNDfqjwwnfNkgtoVm1Tm3TzEpZOku1+vx7VXmvVnGbwklnOwhJGy1HihXL8+pa:/pGjwkNkOelTzE6jckvHkh9nGb9jcm
Static task
static1
Behavioral task
behavioral1
Sample
740fe7aa940c0e23a6bdb2cff01204f5a0dd66d158389b1fb6b4206076271e1d.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
740fe7aa940c0e23a6bdb2cff01204f5a0dd66d158389b1fb6b4206076271e1d
-
Size
390KB
-
MD5
4cbf6eb5f5920e11cab73dafe5e0e0b9
-
SHA1
5c15f06f971107cfa43edb07f11243092a3aeb9d
-
SHA256
740fe7aa940c0e23a6bdb2cff01204f5a0dd66d158389b1fb6b4206076271e1d
-
SHA512
613d075d13b6b49ab11a8f7d9aee503eb5c8c9d429d2c4983a348e8c9100731270fe4a12f8a25e74b1f00c15dca3036e3fc726fbe9dc10be2a1d9612338cf7d0
-
SSDEEP
3072:mUjNDfqjwwnfNkgtoVm1Tm3TzEpZOku1+vx7VXmvVnGbwklnOwhJGy1HihXL8+pa:/pGjwkNkOelTzE6jckvHkh9nGb9jcm
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-