General
Target: bea60a6d436d1d750f83f0df89dce0367822b76b3c67acfd95ff038870930789_JC.exe
Size: 335KB
Sample: 230813-mkcvdadb4z
MD5: 38484b1d577ecf98fed9e4eab2ada142
SHA1: ece6dc7f8b098151067d66edbbf10a7730bc725b
SHA256: bea60a6d436d1d750f83f0df89dce0367822b76b3c67acfd95ff038870930789
SHA512: 3bfbed508703dd92e37871b1d4f6475592c17cc9346c3fbd9b1bc3963e2feb0508c364b199ad88ee3a6e7b4c935ef02a0febf98b559be25c93ccefa9fcfc7d9a
SSDEEP: 6144:80Ai+LVGEleBgfZ/NsuD3tpCuedtjUHY9E0969:8VDMElFZ/NsuD3tpC1QHY9E0e
Static task: static1
Behavioral task: behavioral1
Sample: bea60a6d436d1d750f83f0df89dce0367822b76b3c67acfd95ff038870930789_JC.exe
Resource: win7-20230712-en
Malware Config
Extracted family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 51.83.170.21:19447
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting