General
-
Target
568-139-0x0000000002490000-0x00000000024C4000-memory.dmp
-
Size
208KB
-
Sample
230814-h8ml9sad87
-
MD5
81c6e044448ee99028ba7720c5bf1e58
-
SHA1
c683cf48d4dfa939614965a46466fce1a9d373cd
-
SHA256
055cd616a8b35483c45e05edc480d5d6e049954807fff75a74969f4e54be81e1
-
SHA512
5d7cb13216d94d92c013afc92e5e259027958a4c14f2f824e9a7876082696e145772b852ce84b761765d005d7999bdbbaa4acb8de6828eedd0dbaa044628f49b
-
SSDEEP
3072:jzhrmtU/f3YIInGpDvw/1oPYqSaVXr2nhK9w4hxwaD8d8e8hlW:5rmtU/gIInG6oAqBVXrmhKZ5eD
Behavioral task
behavioral1
Sample
568-139-0x0000000002490000-0x00000000024C4000-memory.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
568-139-0x0000000002490000-0x00000000024C4000-memory.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.83.170.21:19447
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
568-139-0x0000000002490000-0x00000000024C4000-memory.dmp
-
Size
208KB
-
MD5
81c6e044448ee99028ba7720c5bf1e58
-
SHA1
c683cf48d4dfa939614965a46466fce1a9d373cd
-
SHA256
055cd616a8b35483c45e05edc480d5d6e049954807fff75a74969f4e54be81e1
-
SHA512
5d7cb13216d94d92c013afc92e5e259027958a4c14f2f824e9a7876082696e145772b852ce84b761765d005d7999bdbbaa4acb8de6828eedd0dbaa044628f49b
-
SSDEEP
3072:jzhrmtU/f3YIInGpDvw/1oPYqSaVXr2nhK9w4hxwaD8d8e8hlW:5rmtU/gIInG6oAqBVXrmhKZ5eD
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-