General

  • Target: 50f6cf2beb2bb843bcac1ad02fa62f30ede419d5177b7cf433b99d018d3282b7
  • Size: 1.0MB
  • Sample: 231012-j4bvmsae34
  • MD5: 1ea58007c278b395cd5c2c581240a4f9
  • SHA1: c64fc387ec77f35303fcd82284e2108a69ded84d
  • SHA256: 50f6cf2beb2bb843bcac1ad02fa62f30ede419d5177b7cf433b99d018d3282b7
  • SHA512: 3127d0621c4ba8d34986117f96c6f4ebd947597f45bf727f91582d4a34c680150e98e160bee9bc39c71dd94716e5b8e5bffc33c97803a2c4f40008c6c6711220
  • SSDEEP: 12288:GonYdPenEp953bXeTY2Bfo8ovNFJIRXTT5xKuLp+llUxCQ99ndcuz5:HYPenEp953bsfo8+ncTlxL99dcu9

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 51.38.95.107:42494
  • Attributes
      • auth_value: 3a050df92d0cf082b2cdaf87863616be

Targets

    • Target: 50f6cf2beb2bb843bcac1ad02fa62f30ede419d5177b7cf433b99d018d3282b7
    • Size: 1.0MB
    • MD5: 1ea58007c278b395cd5c2c581240a4f9
    • SHA1: c64fc387ec77f35303fcd82284e2108a69ded84d
    • SHA256: 50f6cf2beb2bb843bcac1ad02fa62f30ede419d5177b7cf433b99d018d3282b7
    • SHA512: 3127d0621c4ba8d34986117f96c6f4ebd947597f45bf727f91582d4a34c680150e98e160bee9bc39c71dd94716e5b8e5bffc33c97803a2c4f40008c6c6711220
    • SSDEEP: 12288:GonYdPenEp953bXeTY2Bfo8ovNFJIRXTT5xKuLp+llUxCQ99ndcuz5:HYPenEp953bsfo8+ncTlxL99dcu9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
