General

  • Target

    723db1a6d8e5df6921078dff2f7d46944915ddc4bf7ee2ca6c5d929e63d5fa71

  • Size

    306KB

  • Sample

    240417-p2f98sfg83

  • MD5

    9a7fc572e5096431d060cdbab5effec9

  • SHA1

    d8bd0f8b7b75ead6c48aff5d54f5bd20bf768788

  • SHA256

    723db1a6d8e5df6921078dff2f7d46944915ddc4bf7ee2ca6c5d929e63d5fa71

  • SHA512

    da344ffcfc752699a79c28aee26940dfbd2bed57f789604e2766b0c1ca41e139157d44e08207183c5b47f7a841db53bd36e23709e38bbdfbeaa9a2289505e840

  • SSDEEP

    6144:Y+Ella0Y/V/Vm4T4c+sp96+ATnExfDrlqJRwJEbKefDJZna2AzKaJh0:fMQ0Y/V/Vf+sp99ATnuN3Em4tIvtJO

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.0:29587

Targets

    • Target

      d120ced38346298e6050d82c112c10fabbbd240b759212b545658c0e9289165b.exe

    • Size

      310KB

    • MD5

      b1284512da39510cfad55c9d000c6973

    • SHA1

      3fd55ac23698711601535781153a1047b4f9a65b

    • SHA256

      d120ced38346298e6050d82c112c10fabbbd240b759212b545658c0e9289165b

    • SHA512

      900ec06137461241e8cc428fab2d0dc2620f23d58db0b1306c08e7f1c83e1c36d12c0391b5ef8d3c3257eff50ecfd45e510b347c9479d1b3b9a889a491d8762b

    • SSDEEP

      6144:jB3dEsS3I3j8RMQ+RILLh/AYOOifna9WaKYtcfVByVxckHOT6I6Fqb:jJdEA4V+Ro5OGW5IO/y4kuTwA

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
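
The indicators above (file hashes and the extracted C2 host:port) are only useful once they are checked against something. The following script is an added example, not Triage output or RedLine code: it computes the same four digests the report lists for any file contents and compares them against the report's hash IOCs, and it matches firewall-style log lines against the extracted C2 5.42.65.0:29587. The log lines and the file bytes are constructed for illustration; the line format (`src:port -> dst:port`) is an assumption, not a format from any particular product.

```python
"""Check file contents and network log lines against the IOCs in this report.

Added example; not Triage output and not RedLine code.  Hash and C2 values are
copied from the report above; log lines and sample bytes are constructed.
"""
import hashlib
import re

# Hash IOCs from the report: the submitted sample (723db1a6...) and the
# analysed target d120ced3...exe.  Keys match hashlib algorithm names.
HASH_IOCS = {
    "md5": {
        "9a7fc572e5096431d060cdbab5effec9",
        "b1284512da39510cfad55c9d000c6973",
    },
    "sha1": {
        "d8bd0f8b7b75ead6c48aff5d54f5bd20bf768788",
        "3fd55ac23698711601535781153a1047b4f9a65b",
    },
    "sha256": {
        "723db1a6d8e5df6921078dff2f7d46944915ddc4bf7ee2ca6c5d929e63d5fa71",
        "d120ced38346298e6050d82c112c10fabbbd240b759212b545658c0e9289165b",
    },
    "sha512": {
        "da344ffcfc752699a79c28aee26940dfbd2bed57f789604e2766b0c1ca41e139"
        "157d44e08207183c5b47f7a841db53bd36e23709e38bbdfbeaa9a2289505e840",
        "900ec06137461241e8cc428fab2d0dc2620f23d58db0b1306c08e7f1c83e1c36"
        "d12c0391b5ef8d3c3257eff50ecfd45e510b347c9479d1b3b9a889a491d8762b",
    },
}

# Extracted RedLine C2 from the Malware Config section.
C2_HOST = "5.42.65.0"
C2_PORT = 29587


def hash_bytes(data):
    """Return the four digests the report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def match_hashes(data, iocs=HASH_IOCS):
    """Return the sorted list of algorithms whose digest of `data` is an IOC."""
    digests = hash_bytes(data)
    return sorted(alg for alg, digest in digests.items()
                  if digest in iocs.get(alg, set()))


# Assumed log layout (constructed): "<ts> TCP <src>:<sport> -> <dst>:<dport> <action>"
_FLOW_RE = re.compile(
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)"
)


def match_c2(log_lines, host=C2_HOST, port=C2_PORT):
    """Return (line, label) pairs for flows to the C2 host.

    A flow to the exact host:port from the report is labelled "host+port";
    a flow to the same host on another port is labelled "host only", since
    the extracted config pins one port but the operator may move it.
    """
    hits = []
    for line in log_lines:
        m = _FLOW_RE.search(line)
        if not m or m["dst"] != host:
            continue
        label = "host+port" if int(m["dport"]) == port else "host only"
        hits.append((line, label))
    return hits


# Constructed sample log lines; 10.0.0.15 and 203.0.113.10 are placeholders.
SAMPLE_LOG_LINES = [
    "2024-04-17T12:00:01Z TCP 10.0.0.15:51234 -> 203.0.113.10:443 ALLOW",
    "2024-04-17T12:00:03Z TCP 10.0.0.15:51240 -> 5.42.65.0:29587 ALLOW",
    "2024-04-17T12:00:05Z TCP 10.0.0.15:51241 -> 5.42.65.0:443 ALLOW",
]


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            hits = match_hashes(fh.read())
        print(path, "MATCH" if hits else "clean", ",".join(hits))
    for line, label in match_c2(SAMPLE_LOG_LINES):
        print(label, "|", line)
```

Run it with one or more file paths to hash them against the report; the C2 check runs over the constructed lines so the output is reproducible offline. Matching on host only as well as host:port is deliberate: the extracted config gives one port, but the same infrastructure may serve other samples on other ports, so a host-only hit is worth a look even though it is weaker evidence.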
