General

  • Target

    76ae75b374bb3453ac6d82d1a85df56cd1d27c3b8e12bee6a7353b1539b5ac23

  • Size

    339KB

  • Sample

    230814-lveahsbc22

  • MD5

    6bedb5f46a81e7ba3d5a038a110ea21c

  • SHA1

    c396263d8de7605774b2374fb14cef331d4bd8f0

  • SHA256

    76ae75b374bb3453ac6d82d1a85df56cd1d27c3b8e12bee6a7353b1539b5ac23

  • SHA512

    0bd7a5d3d47311de53ca9f1adb8bbcd5ffadc63c807b873a7a09bc393690729899c07e551f480e512a5e35470e9fc879787d04c86899e7a87f32e17f672b9125

  • SSDEEP

    6144:97R0u0sk4I/LieJqHZcoDrErhiv38WWDNWBwt:JR9dkd1JOrErK385D4Bwt

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    51.83.170.21:19447

  • Attributes

    auth_value: 3a050df92d0cf082b2cdaf87863616be

Targets

    • Target

      76ae75b374bb3453ac6d82d1a85df56cd1d27c3b8e12bee6a7353b1539b5ac23

    • Size

      339KB

    • MD5

      6bedb5f46a81e7ba3d5a038a110ea21c

    • SHA1

      c396263d8de7605774b2374fb14cef331d4bd8f0

    • SHA256

      76ae75b374bb3453ac6d82d1a85df56cd1d27c3b8e12bee6a7353b1539b5ac23

    • SHA512

      0bd7a5d3d47311de53ca9f1adb8bbcd5ffadc63c807b873a7a09bc393690729899c07e551f480e512a5e35470e9fc879787d04c86899e7a87f32e17f672b9125

    • SSDEEP

      6144:97R0u0sk4I/LieJqHZcoDrErhiv38WWDNWBwt:JR9dkd1JOrErK385D4Bwt

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks