General
-
Target
5f1825aacf117c825570856af2eb1fc17989f693470d0d9cde4b4427a8b4f7cf
-
Size
311KB
-
Sample
230816-vzexaaec7x
-
MD5
6be779d65301255549dc60f76bc47b99
-
SHA1
f0d0f5e4e1243eca251ed53586b40125e62585f5
-
SHA256
5f1825aacf117c825570856af2eb1fc17989f693470d0d9cde4b4427a8b4f7cf
-
SHA512
101c8cba819f9e6eced64f13d13537dfe8b2d82e9f7da5a104c796792c9cb9f51592d052282f4653e75c5b3fa58486028dce6c5191315cde2160b6eea5581fcc
-
SSDEEP
6144:8y8bmLbFavdRLr0YCIPOCfi9l1tC0kDxOrmypc:8hmnF8EYCImlvLuxOr3
Static task
static1
Behavioral task
behavioral1
Sample
5f1825aacf117c825570856af2eb1fc17989f693470d0d9cde4b4427a8b4f7cf.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
51.83.170.21:19447
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Targets
-
-
Target
5f1825aacf117c825570856af2eb1fc17989f693470d0d9cde4b4427a8b4f7cf
-
Size
311KB
-
MD5
6be779d65301255549dc60f76bc47b99
-
SHA1
f0d0f5e4e1243eca251ed53586b40125e62585f5
-
SHA256
5f1825aacf117c825570856af2eb1fc17989f693470d0d9cde4b4427a8b4f7cf
-
SHA512
101c8cba819f9e6eced64f13d13537dfe8b2d82e9f7da5a104c796792c9cb9f51592d052282f4653e75c5b3fa58486028dce6c5191315cde2160b6eea5581fcc
-
SSDEEP
6144:8y8bmLbFavdRLr0YCIPOCfi9l1tC0kDxOrmypc:8hmnF8EYCImlvLuxOr3
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-