General

  • Target: 78eca35f5168403cd09bc28c966596653b4f489f2276d62603f0c93bc12d3157
  • Size: 306KB
  • Sample: 240417-p3c9zahd6z
  • MD5: 9a2a1a932ac33ff5956e3b76f13dc5a4
  • SHA1: cc8a93d75fe394f79f8f5ad599fb36ce4d9af71d
  • SHA256: 78eca35f5168403cd09bc28c966596653b4f489f2276d62603f0c93bc12d3157
  • SHA512: 3e1d8992a3a044eb592b9f3f673545d3af604e77026b46a233b986391585606a7da6c63a700846020873355f4a985307003228fdc0e892774a9cb90705619480
  • SSDEEP: 6144:COC+pe/TkuTUv3WaAfvaVQHbb44PJXbACwu9wPWlYhrCG920BWD23p:COCdVUvmMUjPR2wwYY1og73p

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.0:29587

Targets

    • Target: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02.exe
    • Size: 310KB
    • MD5: 642edae675919da74bc135af133467a2
    • SHA1: 2560c68a54a347f888b3975857946328bd01833b
    • SHA256: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02
    • SHA512: b4dc4733a66337dc939f66c55fc4b357d3b6044b318edc7faba8c2ef2aa92d86b25602cfb376edba2a64ed6e60bba62f809f386db5dca2b670ad7a97d0d66fde
    • SSDEEP: 6144:/wL1Vv5XavvDlEVgeYKbNEYctcTvLNxkzhvyFg9yOpU6UXEiDzo/B8q47SGmcDm:a1uvkxbOTtcTvQHsOpU6YXA/47SGmcD

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext