General
Target: 78eca35f5168403cd09bc28c966596653b4f489f2276d62603f0c93bc12d3157
Size: 306KB
Sample: 240417-p3c9zahd6z
MD5: 9a2a1a932ac33ff5956e3b76f13dc5a4
SHA1: cc8a93d75fe394f79f8f5ad599fb36ce4d9af71d
SHA256: 78eca35f5168403cd09bc28c966596653b4f489f2276d62603f0c93bc12d3157
SHA512: 3e1d8992a3a044eb592b9f3f673545d3af604e77026b46a233b986391585606a7da6c63a700846020873355f4a985307003228fdc0e892774a9cb90705619480
SSDEEP: 6144:COC+pe/TkuTUv3WaAfvaVQHbb44PJXbACwu9wPWlYhrCG920BWD23p:COCdVUvmMUjPR2wwYY1og73p
Static task: static1
Behavioral task: behavioral1
  Sample: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02.exe
  Resource: win10v2004-20240412-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.0:29587
Targets
Target: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02.exe
Size: 310KB
MD5: 642edae675919da74bc135af133467a2
SHA1: 2560c68a54a347f888b3975857946328bd01833b
SHA256: 35feec04d26790253e1ad9417d19018bc888dc9275f46f80d5ac95050640ba02
SHA512: b4dc4733a66337dc939f66c55fc4b357d3b6044b318edc7faba8c2ef2aa92d86b25602cfb376edba2a64ed6e60bba62f809f386db5dca2b670ad7a97d0d66fde
SSDEEP: 6144:/wL1Vv5XavvDlEVgeYKbNEYctcTvLNxkzhvyFg9yOpU6UXEiDzo/B8q47SGmcDm:a1uvkxbOTtcTvQHsOpU6YXA/47SGmcD
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext