General
Target: 2156-193-0x0000000003920000-0x0000000003954000-memory.dmp
Size: 208KB
Sample: 230813-s8b6msdc52
MD5: 1f2b84a69f4cf0466dd11001e3c750eb
SHA1: bb7ce2fe3b24e654206a125129ecf8d3404b9885
SHA256: 345c97d7cde625e78a1600a0994ce2efb98824bf8bb5a1e9dd4e46f48925972a
SHA512: 7484e4ef081aca76b54a2b556c61bb8b985e45421e43553118d5401f5d9586532428fa4b4eb7146228c08d2f9e68a3b0070f890762a2692084870bdf980fdb4a
SSDEEP: 3072:jzhrmtU/f3YIInGpDvw/1oPYqSaVXr2nhK9w4hxwaD8d8e8hl:5rmtU/gIInG6oAqBVXrmhKZ5e
Behavioral task: behavioral1
Sample: 2156-193-0x0000000003920000-0x0000000003954000-memory.exe
Resource: win7-20230712-en

Behavioral task: behavioral2
Sample: 2156-193-0x0000000003920000-0x0000000003954000-memory.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 51.83.170.21:19447
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
Target: 2156-193-0x0000000003920000-0x0000000003954000-memory.dmp (208KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signature: Accesses cryptocurrency files/wallets, possible credential harvesting
Note: the target is a memory region dumped from the sandboxed process (address range 0x3920000-0x3954000, per the file name), so the hashes above identify the unpacked in-memory payload, not the file that was originally delivered; the extracted C2 endpoint, botnet label and auth_value are the indicators most likely to carry over to other samples of the same campaign.
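The config block above gives the C2 endpoint and botnet label; the following is an added example (not the sandbox vendor's or the report's code) that turns those indicators into a network-log hunt and a Suricata rule. The Zeek-style conn.log excerpt is constructed for the demo and is not from the page; the Suricata sid is chosen by the caller.

```python
"""Turn the RedLine config extracted on this page into network IOC checks.

Added example; not code from the sandbox or the report. The log lines are
constructed for the demo and do not come from the page.
"""
import ipaddress
from collections import defaultdict

# Indicators copied from the report's "Malware Config" and hash fields.
C2_HOST = "51.83.170.21"
C2_PORT = 19447
BOTNET_ID = "LogsDiller Cloud (TG: @logsdillabot)"
AUTH_VALUE = "3a050df92d0cf082b2cdaf87863616be"
DUMP_SHA256 = "345c97d7cde625e78a1600a0994ce2efb98824bf8bb5a1e9dd4e46f48925972a"

# Constructed Zeek-style conn.log excerpt (tab-separated). Two internal hosts
# reach the exact C2 endpoint, one reaches the same IP on another port (a
# weaker signal), and the rest is benign noise.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1691930001.1\tCa1\t10.0.0.15\t51522\t51.83.170.21\t19447\ttcp
1691930002.3\tCa2\t10.0.0.15\t51523\t51.83.170.21\t19447\ttcp
1691930003.7\tCa3\t10.0.0.22\t44310\t142.250.74.78\t443\ttcp
1691930004.0\tCa4\t10.0.0.31\t40021\t51.83.170.21\t19447\ttcp
1691930005.2\tCa5\t10.0.0.40\t39877\t51.83.170.21\t443\ttcp
1691930006.9\tCa6\t10.0.0.22\t44311\t8.8.8.8\t53\tudp
"""


def parse_conn_log(text):
    """Yield one dict per record, naming columns from the #fields header."""
    fields = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#") or fields is None:
            continue
        parts = line.split("\t")
        if len(parts) != len(fields):
            continue  # skip a malformed record rather than misalign columns
        yield dict(zip(fields, parts))


def classify(rec):
    """'c2' for the exact host:port from the config, 'host_only' for the same
    IP on another port, None otherwise."""
    if rec.get("id.resp_h") != C2_HOST:
        return None
    return "c2" if rec.get("id.resp_p") == str(C2_PORT) else "host_only"


def find_c2_contacts(text):
    """Map each internal source host to counts per match level."""
    hits = defaultdict(lambda: {"c2": 0, "host_only": 0})
    for rec in parse_conn_log(text):
        level = classify(rec)
        if level:
            hits[rec["id.orig_h"]][level] += 1
    return dict(hits)


def suricata_rule(sid):
    """Build a Suricata rule for the C2 endpoint; the sid is the caller's choice."""
    if not ipaddress.ip_address(C2_HOST).is_global:
        raise ValueError("C2 address from the config is not globally routable")
    return (f'alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} '
            f'(msg:"RedLine C2 {BOTNET_ID} auth {AUTH_VALUE[:8]}"; '
            f'flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    for host, counts in sorted(find_c2_contacts(SAMPLE_CONN_LOG).items()):
        print(host, counts)
    print(suricata_rule(9000001))
```

Matching on the exact host:port pair keeps the rule tight; a hit on the same IP with a different port is reported separately so an analyst can decide whether the host has been reused for something else before treating it as a confirmed infection.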