General

  • Target

    4ad7e274bb4d3d256b4d3a547396fc98f5b69bea7c53178b3cfb2875eb8684b5

  • Size

    341KB

  • Sample

    230817-ldh75sgf28

  • MD5

    3beacfd9e60a36419b76badb0cff598a

  • SHA1

    a8779a1735d6c646175584c03aefced37ec447e4

  • SHA256

    4ad7e274bb4d3d256b4d3a547396fc98f5b69bea7c53178b3cfb2875eb8684b5

  • SHA512

    c75df21823bdbc6c478f866be0614ee51b7b369dd2a10e1f1d240365e601949b6021864f1224fb4925e448966c0d14733158c4085f625a731196751d91d62e21

  • SSDEEP

    6144:sz7LnLdy6rrUcUlacR+owohQe3DBwQ6muFs:sznxy6rg4c0oemw2

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

51.83.170.21:19447

Attributes

  • auth_value

    3a050df92d0cf082b2cdaf87863616be

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks