General

Target: 2256-292-0x0000000003F60000-0x0000000003F94000-memory.dmp
Size: 208KB
Sample: 230811-bw1j2abg6v
MD5: 4a4ec3d54d7ab72c1103fa6717f008fb
SHA1: b85beb112468ba030173117fcbe600f69eaae400
SHA256: a9917e65b1a4eed5087549276e9038bbd3f880e8f5e42c7ee7282bceccb1ae4e
SHA512: 0a6438540b871d1e85b2f4f65b673c9d6e9b1485e3384e26a1117c48f6c226317f41923762dc4902564f5021417808d317cb4e44590f232179032d6c15cae41a
SSDEEP: 3072:c2d6mtyOf3YItpGVH1/W92Ve/eV+9wdLxwafS8e8hq:x6mtyOgItpGgD/eUmZS

Note that the target is not a file that was delivered to a victim but a memory region dumped from PID 2256 during a sandbox run: the name encodes the region bounds 0x3F60000-0x3F94000, and 0x34000 = 212992 bytes is exactly the 208KB listed above. The hashes therefore identify this unpacked in-memory payload for this run, not the original dropper on disk.
Behavioral tasks

behavioral1
Sample: 2256-292-0x0000000003F60000-0x0000000003F94000-memory.exe
Resource: win7-20230712-en

behavioral2
Sample: 2256-292-0x0000000003F60000-0x0000000003F94000-memory.exe
Resource: win10v2004-20230703-en
Malware Config

Extracted family: redline
LogsDiller Cloud (TG: @logsdillabot)
C2: 136.244.98.226:33587
auth_value: 3a050df92d0cf082b2cdaf87863616be
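The following is an added example, not part of the sandbox report and not RedLine code, showing how a responder would consume the indicators above: it parses the memory-dump file name into PID and region bounds and cross-checks the encoded size against the reported 208KB, hashes arbitrary data or a file against the listed digests, and emits a Suricata rule for the extracted C2 endpoint. The indicator values are transcribed from this page; the reading of the file name as `<pid>-<seq>-0x<start>-0x<end>-memory.<ext>` is an inference from the name and the size, and the rule SID and any file path passed to `hash_file` are assumptions.

```python
"""IOC checks built from the RedLine memory-dump report above.

Added example (not sandbox or RedLine code). Hash, C2 and auth_value
strings are transcribed from the report; the dump-name layout is inferred
from the name and the reported size; the Suricata SID is an assumption.
"""
import hashlib
import re
from dataclasses import dataclass

SAMPLE_NAME = "2256-292-0x0000000003F60000-0x0000000003F94000-memory.dmp"
REPORTED_SIZE_KB = 208
KNOWN_HASHES = {
    "md5": "4a4ec3d54d7ab72c1103fa6717f008fb",
    "sha1": "b85beb112468ba030173117fcbe600f69eaae400",
    "sha256": "a9917e65b1a4eed5087549276e9038bbd3f880e8f5e42c7ee7282bceccb1ae4e",
    "sha512": "0a6438540b871d1e85b2f4f65b673c9d6e9b1485e3384e26a1117c48f6c226317f"
              "41923762dc4902564f5021417808d317cb4e44590f232179032d6c15cae41a",
}
C2_HOST, C2_PORT = "136.244.98.226", 33587
AUTH_VALUE = "3a050df92d0cf082b2cdaf87863616be"

# Inferred layout: <pid>-<seq>-0x<start>-0x<end>-memory.<dmp|exe>.
# The sandbox dumped exactly the region [start, end), so end - start
# must agree with the size the report lists.
DUMP_NAME_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)"
    r"-memory\.(?:dmp|exe)$"
)


@dataclass(frozen=True)
class DumpRegion:
    pid: int
    seq: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_dump_name(name: str) -> DumpRegion:
    """Split a sandbox memory-dump file name into PID, sequence and bounds."""
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError(f"not a sandbox memory-dump name: {name!r}")
    return DumpRegion(int(m["pid"]), int(m["seq"]),
                      int(m["start"], 16), int(m["end"], 16))


def size_consistent(name: str, reported_kb: int) -> bool:
    """True if the region size encoded in the name matches the reported size."""
    return parse_dump_name(name).size // 1024 == reported_kb


def digests(data: bytes) -> dict:
    """Compute every digest type the report lists for an in-memory buffer."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in KNOWN_HASHES}


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, streamed so large dumps fit in memory."""
    hashes = {alg: hashlib.new(alg) for alg in KNOWN_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            for h in hashes.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashes.items()}


def matches_known_sample(data: bytes) -> bool:
    """True if any digest of data equals the corresponding hash in the report."""
    return any(d == KNOWN_HASHES[alg] for alg, d in digests(data).items())


def suricata_rule(sid: int) -> str:
    """Suricata rule alerting on outbound TCP to the extracted C2 (sid assumed)."""
    return (f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
            f'(msg:"RedLine C2 {C2_HOST}:{C2_PORT}"; flow:to_server; '
            f"sid:{sid}; rev:1;)")


if __name__ == "__main__":
    region = parse_dump_name(SAMPLE_NAME)
    print(f"pid={region.pid} region=0x{region.start:X}-0x{region.end:X} "
          f"size={region.size} bytes, consistent={size_consistent(SAMPLE_NAME, REPORTED_SIZE_KB)}")
    print(suricata_rule(9000001))
```

Because the digests belong to a dumped memory region rather than the delivered binary, they will only match another dump of the same unpacked payload; the C2 endpoint and the auth_value from the extracted config are the indicators that carry across samples of this campaign, which is why the rule keys on the network endpoint.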
Targets

Target: 2256-292-0x0000000003F60000-0x0000000003F94000-memory.dmp (208KB; hashes as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting