General
-
Target
5aa4fe895ffe3c4670bf05338824efb4dc5d73fbe387c265ee94d0b983a04fe0
-
Size
386KB
-
Sample
230805-w12ywadh37
-
MD5
6f237ce8e0dfd69a6f082b3ae3429a8e
-
SHA1
61d0bde4ac2fdda3b399b6da7c9d0c4eb6c37464
-
SHA256
5aa4fe895ffe3c4670bf05338824efb4dc5d73fbe387c265ee94d0b983a04fe0
-
SHA512
dc4e42d5976b8f83f6910570ce03e4caf35941d730f43757de0952c4b76e6ebd42c6b2430ffbfeea7e1ad5fc21abb85ee7e164e54a8b78f6853523a19ffa04a1
-
SSDEEP
6144:nOnOmG42S+XVXqUb+yvsctSx3PxtAxfH04a3QKb0iSe:nIOHrSsVXzUvxmNkci
Static task
static1
Behavioral task
behavioral1
Sample
5aa4fe895ffe3c4670bf05338824efb4dc5d73fbe387c265ee94d0b983a04fe0.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
Target
5aa4fe895ffe3c4670bf05338824efb4dc5d73fbe387c265ee94d0b983a04fe0
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
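The hashes in the General section and the extracted RedLine configuration above (C2 51.89.201.49:6932, botnet name, auth_value) are the indicators an analyst would actually consume from this report. The following is an added example, not part of the sandbox report or of any tool it names: it turns those values into a small matching routine that (a) hashes a file and checks it against the listed sample, (b) splits the SSDEEP signature into block size and chunk hashes, and (c) sweeps connection-log lines for traffic to the extracted C2, either on the exact host:port or on the host alone. The log-line format, the regex that parses it and the sample lines themselves are constructed for the example.

```python
import hashlib
import ipaddress
import re

# Indicator values copied from this report (sample 230805-w12ywadh37).
KNOWN_SAMPLE = {
    "md5": "6f237ce8e0dfd69a6f082b3ae3429a8e",
    "sha1": "61d0bde4ac2fdda3b399b6da7c9d0c4eb6c37464",
    "sha256": "5aa4fe895ffe3c4670bf05338824efb4dc5d73fbe387c265ee94d0b983a04fe0",
    "sha512": "dc4e42d5976b8f83f6910570ce03e4caf35941d730f43757de0952c4b76e6ebd"
              "42c6b2430ffbfeea7e1ad5fc21abb85ee7e164e54a8b78f6853523a19ffa04a1",
}
SSDEEP = "6144:nOnOmG42S+XVXqUb+yvsctSx3PxtAxfH04a3QKb0iSe:nIOHrSsVXzUvxmNkci"
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "LogsDiller Cloud (TG: @logsdillabot)",
    "c2": "51.89.201.49:6932",
    "auth_value": "3a050df92d0cf082b2cdaf87863616be",
}


def digest_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists, for an in-memory file."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def is_known_sample(digests: dict) -> bool:
    """Match on SHA-256 only: MD5 and SHA-1 collisions are practical, so the
    weaker digests are kept for cross-referencing other reports, not for a verdict."""
    return digests.get("sha256") == KNOWN_SAMPLE["sha256"]


def parse_ssdeep(signature: str):
    """Split an ssdeep string 'blocksize:hash1:hash2' into its three fields.
    hash1 is computed with the stated block size, hash2 with twice that size,
    which is why two samples only compare when their block sizes are within 2x."""
    block, h1, h2 = signature.split(":", 2)
    return int(block), h1, h2


def parse_c2(c2: str):
    """Normalise 'host:port' from the extracted config into (ip_str, port)."""
    host, port = c2.rsplit(":", 1)
    return str(ipaddress.ip_address(host)), int(port)


# Assumed log layout (constructed for this example): "... SRC:PORT -> DST:PORT ..."
CONN_RE = re.compile(
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)"
)


def flag_c2_connections(log_lines, c2=REDLINE_CONFIG["c2"], require_port=True):
    """Return the log lines whose destination is the extracted C2.

    require_port=True matches only the exact host:port from the config;
    require_port=False treats any traffic to that host as suspicious, which is
    the broader sweep you want when the operator may have moved ports."""
    c2_ip, c2_port = parse_c2(c2)
    hits = []
    for line in log_lines:
        m = CONN_RE.search(line)
        if not m:
            continue  # malformed or non-connection line: skip, do not raise
        dst_ip = str(ipaddress.ip_address(m["dst"]))
        if dst_ip != c2_ip:
            continue
        if require_port and int(m["dport"]) != c2_port:
            continue
        hits.append(line)
    return hits


# Constructed sample log lines (not from the report's behavioural run).
SAMPLE_LOG = [
    "2023-08-05T12:00:01Z proc=5aa4fe895ffe.exe 10.0.0.5:49712 -> 51.89.201.49:6932 proto=tcp",
    "2023-08-05T12:00:02Z proc=chrome.exe 10.0.0.5:49713 -> 142.250.74.78:443 proto=tcp",
    "2023-08-05T12:00:03Z proc=svchost.exe 10.0.0.5:49714 -> 51.89.201.49:443 proto=tcp",
    "2023-08-05T12:00:04Z proc=svchost.exe dns query example.invalid",
]

if __name__ == "__main__":
    print("ssdeep block size:", parse_ssdeep(SSDEEP)[0])
    for hit in flag_c2_connections(SAMPLE_LOG, require_port=False):
        print("C2 host contact:", hit)
```

In practice the sweep would be fed from a Zeek conn.log or firewall export rather than the constructed lines above, and the host-only match should be treated as a lead to confirm, since a shared hosting IP can carry unrelated traffic.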