General

  • Target: b3b88a4fc158ec745ce512e7549c15dc329e871a090c94f6f0c8d1d931154792
  • Size: 343KB
  • Sample: 240417-q1ntcsbg2v
  • MD5: 7a547124368d8fe0f5d35d96a9b0ffbc
  • SHA1: 7594d68fa63c9b0a70346f9245a5666883f21c9b
  • SHA256: b3b88a4fc158ec745ce512e7549c15dc329e871a090c94f6f0c8d1d931154792
  • SHA512: 37a5cb5fd9bd2ce9516af997506bf4af3ac684bf2284eba3dd9c76c6616fdc53687f5185cecbefc143e9a4c05f3b2f3a3a5425bd806d57945d464683b8fba9d7
  • SSDEEP: 6144:hpE28HwJ3p6M/rdSblfYHYGrJP4MZhzbTi9tnVoDnZ4yzpHcICzU7dLoO:fIHwj6G5Olf+YU4Wni3nVoDnZVtH7d7

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.0:29587

Targets

    • Target: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2.exe
    • Size: 390KB
    • MD5: 57527c8a34c0cac7dae9e528bfc54af0
    • SHA1: 48f6cb641842cc47e06c04e94064e0e33edb8af8
    • SHA256: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2
    • SHA512: 8690348f1efe3c070b5e0df344b3f3e048684e784f6c29a0cea727a1b7a42395d7d2d2ed73602ab0f31813d363fc3d6584a70702571ce1182fc5e3ec808d98fa
    • SSDEEP: 6144:TQQpEcFOPQfoMnM09GVFC/dKejaM7ggQEiLMuZTiyoSVDl7J9PhgVv5RK:TQQpdFOYf5InCFKMatPTilSVh77Qr

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks