General
-
Target
2604-60-0x00000000040A0000-0x00000000040D4000-memory.dmp
-
Size
208KB
-
Sample
230809-bv39jaab7t
-
MD5
55400154f9e4d1ae8fbf2dd4273c1ac4
-
SHA1
ad3718288b6605f90f4d51044300f8d00ac76332
-
SHA256
6520652b18e94dea4676f04231c8c244f15dfc83a52bc6fa65dbf388138bf38d
-
SHA512
5b53e0c9e1a7fffbf682bb4ae8f8ba47689584d05a8e766d874959fd674560926b0c0c055de226b97a7d02395afd212b5a964bf7f691a8e8253aa9a8ce47bb3c
-
SSDEEP
3072:4eG4mt57f3YInEGK2U/YetUBaVa0b6AyM9w+Zxwak8e8hV/:S4mt57gInEG3YetMb6O
Behavioral task
behavioral1
Sample
2604-60-0x00000000040A0000-0x00000000040D4000-memory.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
2604-60-0x00000000040A0000-0x00000000040D4000-memory.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
209.250.248.11:33522
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
2604-60-0x00000000040A0000-0x00000000040D4000-memory.dmp
-
Size
208KB
-
MD5
55400154f9e4d1ae8fbf2dd4273c1ac4
-
SHA1
ad3718288b6605f90f4d51044300f8d00ac76332
-
SHA256
6520652b18e94dea4676f04231c8c244f15dfc83a52bc6fa65dbf388138bf38d
-
SHA512
5b53e0c9e1a7fffbf682bb4ae8f8ba47689584d05a8e766d874959fd674560926b0c0c055de226b97a7d02395afd212b5a964bf7f691a8e8253aa9a8ce47bb3c
-
SSDEEP
3072:4eG4mt57f3YInEGK2U/YetUBaVa0b6AyM9w+Zxwak8e8hV/:S4mt57gInEG3YetMb6O
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-