redline | 706224d01959812281290adc2f43521e5d38d0c3a556b381b8cbac2c2aa90e82 | Triage

Sharing

General

Target

file.exe
Size

396KB
Sample

231011-wcrg8scf6v
MD5

fa15aa45d6e71de5927a75d60bd70f7b
SHA1

e8bafb47eb22cc18d7695625da0937ac3c2d9036
SHA256

706224d01959812281290adc2f43521e5d38d0c3a556b381b8cbac2c2aa90e82
SHA512

412cddc921e1d0402409c82786404df81078bea2af48157500d3b2946b51acfb79a8b29136f9ba64d4e3c0b69d9f7c964e57cbbf849c79c7f288f4603f369e4c
SSDEEP

6144:BLErViSWAs3WHexAVklAOaF2VaAg6U6J7k8edK/EGoPGCc:BL0iSWLT0+K6U60dK/EXGCc

Score

10^/10

redline logsdiller cloud (telegram: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

146.59.10.173:45035

Attributes

auth_value
c2955ed3813a798683a185a82e949f88

Targets

- Target
  
  file.exe
- Size
  
  396KB
- MD5
  
  fa15aa45d6e71de5927a75d60bd70f7b
- SHA1
  
  e8bafb47eb22cc18d7695625da0937ac3c2d9036
- SHA256
  
  706224d01959812281290adc2f43521e5d38d0c3a556b381b8cbac2c2aa90e82
- SHA512
  
  412cddc921e1d0402409c82786404df81078bea2af48157500d3b2946b51acfb79a8b29136f9ba64d4e3c0b69d9f7c964e57cbbf849c79c7f288f4603f369e4c
- SSDEEP
  
  6144:BLErViSWAs3WHexAVklAOaF2VaAg6U6J7k8edK/EGoPGCc:BL0iSWLT0+K6U60dK/EXGCc
Score

10^/10

redline logsdiller cloud (telegram: @logsdillabot)infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

behavioral2

redlinelogsdiller cloud (telegram: @logsdillabot)infostealer