General

  • Target: a23d8fdb467c9a795d6429bfb706d3f2bf399a4f1a4125aaf28db31478e7b1ec
  • Size: 325KB
  • Sample: 240417-p97gdsgd79
  • MD5: f28e54c2c38ea404e0b8174e2f16f847
  • SHA1: 7fe4aa920d3e599d3f10c23589a4fd064006509a
  • SHA256: a23d8fdb467c9a795d6429bfb706d3f2bf399a4f1a4125aaf28db31478e7b1ec
  • SHA512: a2ad197bf6e6247b54b7436b9d250619f82eaae571154cb9597a01537ed1ac89f535f6856af3e3ece1b6fdc5ef44f663446107eb0f1495df694b2422503661c4
  • SSDEEP: 6144:5oQ9nFCEJqL61ynsrtEb3ycotFfBsOtb3Nl98R2byHTyzLgsx6RN4xA:5TdU61BtG2iE3Nl98gFLp634e

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.0:29587

Targets

    • Target: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
    • Size: 342KB
    • MD5: c813ab1235cc9880b05c865da8f0ebae
    • SHA1: 8cde3afb841711bb299066d8e8d1ff750de5de41
    • SHA256: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67
    • SHA512: b3ab59bc5656580bc116905f69e34c8f2ad8424082074e5d69083f77521f2f6a44b1e8100a41e4b9cf1843a012911287b4a766f9de8d2d4ea12912af2babfcfc
    • SSDEEP: 6144:Hh90JBso1v0l3PEAHRq6MfYKzx8iq3UcmRq1Dt1j5RzSLs:XgRd09E5tx23UcUqlj3uLs

    Signatures:

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Suspicious use of SetThreadContext
