General
- Target: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf_JC.exe
- Size: 382KB
- Sample: 230912-p6rlrsce8v
- MD5: 2b498b3902d5116128b410a3ed895559
- SHA1: c3eb741abfc77173d465d1eb06f1d9ef79df6efc
- SHA256: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf
- SHA512: 66e7dd7893d15640967bfc33a5eddb055dacf2e19a54357137dc0e2ccbff20f6437c27a2f4b0cf6e13ac0d3c343661769c632ad59c63684880850217a3eada55
- SSDEEP: 6144:4AtRVdU5tKqCVkYdkEktqoigAOzbCB4UM6R3czV2vcD3iLHrBi:4D5tHCOPfVXUM6R3sVUCurBi
Static task
- static1

Behavioral task
- behavioral1
  - Sample: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf_JC.exe
  - Resource: win7-20230831-en

Behavioral task
- behavioral2
  - Sample: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf_JC.exe
  - Resource: win10v2004-20230831-en
Malware Config
Extracted
- Family: redline
- Botnet: LogsDiller Cloud (TG: @logsdillabot)
- C2: 51.38.95.107:42494
- auth_value: 3a050df92d0cf082b2cdaf87863616be
Targets
- Target: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf_JC.exe
- Size: 382KB
- MD5: 2b498b3902d5116128b410a3ed895559
- SHA1: c3eb741abfc77173d465d1eb06f1d9ef79df6efc
- SHA256: 4f5949d4f29acac886fc57e87649c031edcb2e0b675fd9537b5e3fc736b93edf
- SHA512: 66e7dd7893d15640967bfc33a5eddb055dacf2e19a54357137dc0e2ccbff20f6437c27a2f4b0cf6e13ac0d3c343661769c632ad59c63684880850217a3eada55
- SSDEEP: 6144:4AtRVdU5tKqCVkYdkEktqoigAOzbCB4UM6R3czV2vcD3iLHrBi:4D5tHCOPfVXUM6R3sVUCurBi

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext