General
Target: 48bf5f6350416143aea0be69b22c1e45d6c4515048c199b7c8234715f244594b
Size: 342KB
Sample: 230810-favh4shg96
MD5: b2534147f012bc4261991a624fe630ac
SHA1: 9fc859161d45058934a5c23bb9e5e720809e743e
SHA256: 48bf5f6350416143aea0be69b22c1e45d6c4515048c199b7c8234715f244594b
SHA512: afe805d8209a75a4ce56057ad03e7abf40bbf9c30222046e3192e0012859b6546addaccab0241899c9df0521120c97f2b6bad77fce15a61f9d236b11e3c8e550
SSDEEP: 6144:Tt3ieFu2VuKLeamNPjYoYrBjnGx/RyN2GqYCpSdiWUlLjIAwp:Tt1uoDK9N3YrFGxpyNUYCpwSlC
Static task: static1
Behavioral task: behavioral1
Sample: 48bf5f6350416143aea0be69b22c1e45d6c4515048c199b7c8234715f244594b.exe
Resource: win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
209.250.248.11:33522
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting