General
-
Target
616f2b4e0a9b5e8bfa89441c7919275b3f41930a200380de4a32bda40b77b6b5
-
Size
416KB
-
Sample
230805-z9fnsagb9w
-
MD5
94a08c7d264c072ff9d3478df298ad0f
-
SHA1
06364c5224f966ea9cd9cf30500348cd7e9d6ae0
-
SHA256
616f2b4e0a9b5e8bfa89441c7919275b3f41930a200380de4a32bda40b77b6b5
-
SHA512
e50fe30ac3e18f6071030e7cd5550edbd4ee90aad7637649f789e463f4320e959f21f6ef053bac5a8537a0e36e8cac914427c21af7dd96ef28f29ab03f2207b3
-
SSDEEP
3072:wfq9UEPjgstGA4j5tgOD/5h72tIqRR65MyWmTT1GMOOo4Fqyv164qUa61gYfXRMz:izIkcRS+ODb72uqRRqWVSFtvq5YfXRe
Static task
static1
Behavioral task
behavioral1
Sample
616f2b4e0a9b5e8bfa89441c7919275b3f41930a200380de4a32bda40b77b6b5.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.89.201.49:6932
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
616f2b4e0a9b5e8bfa89441c7919275b3f41930a200380de4a32bda40b77b6b5
-
Size
416KB
-
MD5
94a08c7d264c072ff9d3478df298ad0f
-
SHA1
06364c5224f966ea9cd9cf30500348cd7e9d6ae0
-
SHA256
616f2b4e0a9b5e8bfa89441c7919275b3f41930a200380de4a32bda40b77b6b5
-
SHA512
e50fe30ac3e18f6071030e7cd5550edbd4ee90aad7637649f789e463f4320e959f21f6ef053bac5a8537a0e36e8cac914427c21af7dd96ef28f29ab03f2207b3
-
SSDEEP
3072:wfq9UEPjgstGA4j5tgOD/5h72tIqRR65MyWmTT1GMOOo4Fqyv164qUa61gYfXRMz:izIkcRS+ODb72uqRRqWVSFtvq5YfXRe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-