General
Target: a23d8fdb467c9a795d6429bfb706d3f2bf399a4f1a4125aaf28db31478e7b1ec
Size: 325KB
Sample: 240417-p97gdsgd79
MD5: f28e54c2c38ea404e0b8174e2f16f847
SHA1: 7fe4aa920d3e599d3f10c23589a4fd064006509a
SHA256: a23d8fdb467c9a795d6429bfb706d3f2bf399a4f1a4125aaf28db31478e7b1ec
SHA512: a2ad197bf6e6247b54b7436b9d250619f82eaae571154cb9597a01537ed1ac89f535f6856af3e3ece1b6fdc5ef44f663446107eb0f1495df694b2422503661c4
SSDEEP: 6144:5oQ9nFCEJqL61ynsrtEb3ycotFfBsOtb3Nl98R2byHTyzLgsx6RN4xA:5TdU61BtG2iE3Nl98gFLp634e
Static task: static1
Behavioral task: behavioral1
Sample: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.0:29587
Targets
Target: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Size: 342KB
MD5: c813ab1235cc9880b05c865da8f0ebae
SHA1: 8cde3afb841711bb299066d8e8d1ff750de5de41
SHA256: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67
SHA512: b3ab59bc5656580bc116905f69e34c8f2ad8424082074e5d69083f77521f2f6a44b1e8100a41e4b9cf1843a012911287b4a766f9de8d2d4ea12912af2babfcfc
SSDEEP: 6144:Hh90JBso1v0l3PEAHRq6MfYKzx8iq3UcmRq1Dt1j5RzSLs:XgRd09E5tx23UcUqlj3uLs
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext