General
Target: 4b75218d0d6d3414d7fefc7f6f2ec9587ac1b9a9bd4c40a7558a6f53c8d123a5
Size: 328KB
Sample: 230809-x14yxage8x
MD5: 6dc8b444f04a8e30c0f1bcfe3cacad3a
SHA1: 2fb338857c4d67faf9d821a05b6ca816465edcb9
SHA256: 4b75218d0d6d3414d7fefc7f6f2ec9587ac1b9a9bd4c40a7558a6f53c8d123a5
SHA512: 405a3fcbfc26ea594e18e6150a19b2467ed99eb49c00b2d239f088ddd16b3e00fd62d674dba22d2a4e9e666768fd03c71b7d29e27b0c0e415cf9fe37b059c4d7
SSDEEP: 6144:FtOXPdBL6WBdZ7gPLm/l6A3CRaupTN9OrZFt8rLssuw+2cQf:FtOTHBdZ78r/9lr41Gf
Static task: static1
Behavioral task: behavioral1
Sample: 4b75218d0d6d3414d7fefc7f6f2ec9587ac1b9a9bd4c40a7558a6f53c8d123a5.exe
Resource: win10-20230703-en

Malware Config
Extracted
Family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 209.250.248.11:33522
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting