General
- Target: a749e918bd2079db12cda05ba95e61e37648f07b97b076e9a97558bf8e8c5aa3
- Size: 320KB
- Sample: 240417-p3112afh76
- MD5: d0af2f4d88020489c321afa7dbbaac0f
- SHA1: 78681a7301368c62a7588b3db104dd2ea8225f27
- SHA256: a749e918bd2079db12cda05ba95e61e37648f07b97b076e9a97558bf8e8c5aa3
- SHA512: f89069db8d5f61a5cdd7b1e4f7921fcfe591bc58d356c06382a947a9fc4a4b0a41dc22f596fad45b887da1e325e90e9e673a8208942ac5fbb46057e3fb708a39
- SSDEEP: 6144:gvbaAzCGpTJvsFliat+AP8V0gqEp6AzgIwQCtmmoL:4HT9EFliC+VSk8ggfQCtmf
Static task: static1
Behavioral task: behavioral1
- Sample: 7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730.exe
- Resource: win10v2004-20240412-en
Malware Config
Extracted: redline
- LogsDiller Cloud (TG: @logsdillabot)
- 5.42.65.0:29587
Targets
- Target: 7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730.exe
- Size: 330KB
- MD5: e30311e2ce32a32a4de2e7955659e501
- SHA1: 80fce1765598631e51d642bb7191e75eae83bb70
- SHA256: 7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730
- SHA512: f69d7be46b07abe0fd4b0db4f6441a6d29640351bfa3bab09fc3d8ab24ea04afb7b098725d75c4a5d6a6124e89b9d951e0c84f72ca0ec297b9d803defbc2d466
- SSDEEP: 6144:ak6bDrmWtZd6l1btJwCpnKE61TiglfVMsVVg0hf2mBnJR0JlnxOagMsuU+:j6b/mW3dGpKESiGGsVVggf2YnT0Jln8O
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext