General

  • Target

    7f6e5e08d9fb67128f7fccc77e294011.exe

  • Size

    399KB

  • Sample

    231012-qrdl2abg71

  • MD5

    7f6e5e08d9fb67128f7fccc77e294011

  • SHA1

    ba918aa4180417de13f9fba10eef72b87bf8c21f

  • SHA256

    37333c4e8cab40f04954ed9dcd231f8eeea9eadc6d86e4f90aed014f21ac2528

  • SHA512

    4164b2bfc311b09e588f9d6ec58e31a39e1e4eb0c9337e25951ec70844ae15d8da8d8c76801cfef82eccd4074831f71b6cdef22a2658236e1618b726a1895afc

  • SSDEEP

    6144:cAZjEN2jicP5iOo2T8VrSd/sUAOicls3OFg8Xs3QUl1Y2yoxk1Sa:cAZgqiG59ouwc++Fsjioxk1Sa

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

51.38.95.107:42494

Attributes
  • auth_value

    3a050df92d0cf082b2cdaf87863616be

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
