General

  • Target

    ae940b420c8bf17274af8b7f67b61b3221c73c3e5d05c1d073d47f5a4a9f20ab

  • Size

    320KB

  • Sample

    240417-p5q9lsga85

  • MD5

    3a787699d24dd913146b1379354fdb7d

  • SHA1

    dd42c0a5cf8989235aecf89bd636dda642b4e394

  • SHA256

    ae940b420c8bf17274af8b7f67b61b3221c73c3e5d05c1d073d47f5a4a9f20ab

  • SHA512

    1e32fc685143f9bbb3fe0d100558bc200877e6b46b292936f837a01f4aa3cf08f2c3038af9492dec1a69152f80321a60a6d6d50923a4b1f9c36995a7378d8f79

  • SSDEEP

    6144:Rl5+irF7I/5kvgvat5kaW5LIQiRADi7FEDdjA3aiZgpBuj1QRjN/7q50F9JNqB12:RldIhmAaWi2gadnu1SNDz4QV

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    5.42.65.0:29587

Targets

    • Target

      7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730.exe

    • Size

      330KB

    • MD5

      e30311e2ce32a32a4de2e7955659e501

    • SHA1

      80fce1765598631e51d642bb7191e75eae83bb70

    • SHA256

      7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730

    • SHA512

      f69d7be46b07abe0fd4b0db4f6441a6d29640351bfa3bab09fc3d8ab24ea04afb7b098725d75c4a5d6a6124e89b9d951e0c84f72ca0ec297b9d803defbc2d466

    • SSDEEP

      6144:ak6bDrmWtZd6l1btJwCpnKE61TiglfVMsVVg0hf2mBnJR0JlnxOagMsuU+:j6b/mW3dGpKESiGGsVVggf2YnT0Jln8O

    • RedLine

      RedLine Stealer is an information-stealing malware family (browser credentials, cookies, crypto-wallet and session data) written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext (the Win32 API that rewrites a thread's register state; legitimate software rarely calls it, while process hollowing and other injection techniques use it to redirect a hijacked thread into attacker-controlled code)
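The two things an analyst does with a report like this are confirm that a file in hand really is one of the binaries listed (all four digests, not just MD5) and sweep connection logs for the extracted C2 endpoint. The script below is an added example written for this page, not part of the sandbox report or of any tooling it describes; the hash values and the C2 host:port are copied from the report, while the log lines and the `<ts> <src>:<sport> -> <dst>:<dport> <proto>` log format are constructed for illustration and are an assumption, not something the report documents. SSDEEP is left out on purpose: fuzzy-hash comparison needs the external ssdeep library, and for an exact-match check the strong hashes suffice.

```python
"""Offline checks built from the report's indicators (added example)."""
import hashlib
import re
from typing import Dict, List, Optional

# Indicators copied from the report. Both files are listed because the
# submitted sample and the analysed .exe have different hashes and sizes.
REPORTED_FILES: Dict[str, Dict[str, str]] = {
    "submitted sample (320KB)": {
        "md5": "3a787699d24dd913146b1379354fdb7d",
        "sha1": "dd42c0a5cf8989235aecf89bd636dda642b4e394",
        "sha256": "ae940b420c8bf17274af8b7f67b61b3221c73c3e5d05c1d073d47f5a4a9f20ab",
        "sha512": "1e32fc685143f9bbb3fe0d100558bc200877e6b46b292936f837a01f4aa3cf08"
                  "f2c3038af9492dec1a69152f80321a60a6d6d50923a4b1f9c36995a7378d8f79",
    },
    "7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730.exe": {
        "md5": "e30311e2ce32a32a4de2e7955659e501",
        "sha1": "80fce1765598631e51d642bb7191e75eae83bb70",
        "sha256": "7d06266d2ba7653d4ea295fa3e1df7a89b3194735e3cc3b5cd2964a3f4d1f730",
        "sha512": "f69d7be46b07abe0fd4b0db4f6441a6d29640351bfa3bab09fc3d8ab24ea04af"
                  "b7b098725d75c4a5d6a6124e89b9d951e0c84f72ca0ec297b9d803defbc2d466",
    },
}
C2_HOST, C2_PORT = "5.42.65.0", 29587   # extracted RedLine config


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report lists, as lower-case hex."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def identify_file(data: bytes) -> Optional[str]:
    """Return the report's label for `data` only if ALL four digests match.

    Requiring every digest to agree means a typo in any one field of the
    report (or an MD5 collision) cannot produce a false identification.
    """
    got = hash_bytes(data)
    for label, expected in REPORTED_FILES.items():
        if all(got[alg] == expected[alg].lower() for alg in got):
            return label
    return None


def verify_file(path: str) -> Optional[str]:
    """Hash a file on disk and identify it against the report."""
    with open(path, "rb") as fh:
        return identify_file(fh.read())


# Assumed log format for the sweep (not from the report):
#   <timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+):(?P<sport>\d+) -> (?P<dst>\S+):(?P<dport>\d+) (?P<proto>\w+)$"
)


def find_c2_connections(lines: List[str]) -> List[Dict[str, str]]:
    """Return parsed entries whose destination is the extracted C2.

    Host AND port are required: 29587 is a non-standard port, so the pair is a
    far tighter indicator than the bare IP, which may be shared or reassigned.
    Unparseable lines are skipped rather than aborting the whole sweep.
    """
    hits = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m is None:
            continue
        if m["dst"] == C2_HOST and int(m["dport"]) == C2_PORT:
            hits.append(m.groupdict())
    return hits


# Constructed sample log for demonstration; not taken from the report.
SAMPLE_LOG = [
    "2024-04-17T10:01:02Z 10.0.0.15:51234 -> 142.250.72.46:443 tcp",
    "2024-04-17T10:01:09Z 10.0.0.15:51240 -> 5.42.65.0:29587 tcp",   # C2 beacon
    "2024-04-17T10:01:10Z 10.0.0.15:51241 -> 5.42.65.0:443 tcp",     # same host, other port
    "this line is not in the expected format",
]

if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2 contact:", hit["ts"], hit["src"], "->", hit["dst"], hit["dport"])
    # verify_file("/path/to/quarantined/sample.bin") -> label or None
```

Run `verify_file()` against the quarantined binary before relying on the report's behavioural findings; a `None` result means you have a different build (or a repacked copy), and the extracted C2 may not apply to it.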
