General
Target: bfaf519df17ea5055fd195bfc24f2622340e7cd7bdac00a391ccc5a2f47a4c47
Size: 354KB
Sample: 230813-ztcxysgb5z
MD5: b63b4a86b41b277f1e64e13cf0c5034b
SHA1: 5fbee9f9507e6665d49ff4dc8079a8ee724c94eb
SHA256: bfaf519df17ea5055fd195bfc24f2622340e7cd7bdac00a391ccc5a2f47a4c47
SHA512: 161773d0c69552bc31c8c3a5fcd8e32b103dffd41f2b7ba14997b0eef5ca7e9b7956b9444c3f731ca2a65b78d528e2725e5ed5a71d2d600632d0a40b07b8732c
SSDEEP: 3072:fXHBbrLMnRN0JnR9eVnzfqwoZd48/dickrsMJttUDNa34L9AJzGePPUDa+591MIp:PRrLMnRmJn+zqryJt+Ne4Zz1MIfsb3+
Static task: static1
Behavioral task: behavioral1
Sample: bfaf519df17ea5055fd195bfc24f2622340e7cd7bdac00a391ccc5a2f47a4c47.exe
Resource: win10-20230703-en
Malware Config
Extracted: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 51.83.170.21:19447
auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
Target: bfaf519df17ea5055fd195bfc24f2622340e7cd7bdac00a391ccc5a2f47a4c47.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets; possible credential harvesting
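The report above gives three things a responder can act on immediately: the file hashes, the extracted C2 endpoint (51.83.170.21:19447) and the RedLine family attribution. The following is an added example (not part of the sandbox report) showing how to turn those into a check that runs over local artifacts. The hash values and C2 endpoint are copied from the report; the Zeek-style conn.log lines and the file bytes fed to the hash check are constructed for the demonstration, and the assumed column order (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) is a subset of Zeek's default conn.log, not the report's own data. The port-agnostic match is reported separately as low confidence because a hosting IP is routinely reused by unrelated services, while the ip:port pair is the exact C2 the config extractor recovered.

```python
"""Match the IOCs from this RedLine report against local artifacts.

Added example, not code from the sandbox report. Hashes and C2 are taken
from the report; the log lines and sample bytes are constructed.
"""
import hashlib

# IOCs copied from the report.
REPORT_HASHES = {
    "md5": "b63b4a86b41b277f1e64e13cf0c5034b",
    "sha1": "5fbee9f9507e6665d49ff4dc8079a8ee724c94eb",
    "sha256": "bfaf519df17ea5055fd195bfc24f2622340e7cd7bdac00a391ccc5a2f47a4c47",
}
C2_HOST = "51.83.170.21"
C2_PORT = 19447

# Constructed Zeek-style conn.log excerpt (tab separated, assumed column order:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto). Not real traffic.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1691925120.123\tCx1\t10.0.0.5\t49812\t51.83.170.21\t19447\ttcp
1691925121.456\tCx2\t10.0.0.5\t49813\t142.250.74.46\t443\ttcp
1691925122.789\tCx3\t10.0.0.7\t50001\t51.83.170.21\t80\ttcp
"""


def hash_bytes(data: bytes) -> dict:
    """Compute the same three digests the report lists for a file's contents."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_hashes(data: bytes) -> list:
    """Return the algorithms whose digest of `data` equals the report's value.

    Any non-empty result means the file is byte-identical to the analysed
    sample; an empty result says nothing about repacked or rebuilt variants.
    """
    computed = hash_bytes(data)
    return sorted(alg for alg, digest in REPORT_HASHES.items() if computed[alg] == digest)


def find_c2_connections(log_text: str) -> list:
    """Scan conn.log text for traffic to the extracted RedLine C2.

    Each hit records the connection uid, the internal source host and a match
    kind: "ip:port" (exact C2 endpoint, high confidence) or "ip-only"
    (same host, different port, low confidence: the address may be shared).
    """
    hits = []
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # skip blank lines and Zeek header lines
        fields = line.split("\t")
        if len(fields) < 7:
            continue  # malformed or truncated record
        ts, uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h != C2_HOST:
            continue
        kind = "ip:port" if resp_p.isdigit() and int(resp_p) == C2_PORT else "ip-only"
        hits.append({"ts": ts, "uid": uid, "src": orig_h, "match": kind})
    return hits


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit['match']:8} uid={hit['uid']} src={hit['src']} ts={hit['ts']}")
    # Constructed bytes, deliberately not the sample: no hash should match.
    print("hash matches:", match_hashes(b"constructed placeholder, not the sample"))
```

Run it against a real conn.log by passing the file's text to find_c2_connections, and against a quarantined file by passing its bytes to match_hashes; the ssdeep value in the report is the one to reach for when the exact hashes fail and you want to catch a near-identical build.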