General
Target: b3b88a4fc158ec745ce512e7549c15dc329e871a090c94f6f0c8d1d931154792
Size: 343KB
Sample: 240417-q1ntcsbg2v
MD5: 7a547124368d8fe0f5d35d96a9b0ffbc
SHA1: 7594d68fa63c9b0a70346f9245a5666883f21c9b
SHA256: b3b88a4fc158ec745ce512e7549c15dc329e871a090c94f6f0c8d1d931154792
SHA512: 37a5cb5fd9bd2ce9516af997506bf4af3ac684bf2284eba3dd9c76c6616fdc53687f5185cecbefc143e9a4c05f3b2f3a3a5425bd806d57945d464683b8fba9d7
SSDEEP: 6144:hpE28HwJ3p6M/rdSblfYHYGrJP4MZhzbTi9tnVoDnZ4yzpHcICzU7dLoO:fIHwj6G5Olf+YU4Wni3nVoDnZVtH7d7
Static task: static1

Behavioral task: behavioral1
Sample: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted:
redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.0:29587
Targets
Target: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2.exe
Size: 390KB
MD5: 57527c8a34c0cac7dae9e528bfc54af0
SHA1: 48f6cb641842cc47e06c04e94064e0e33edb8af8
SHA256: 52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2
SHA512: 8690348f1efe3c070b5e0df344b3f3e048684e784f6c29a0cea727a1b7a42395d7d2d2ed73602ab0f31813d363fc3d6584a70702571ce1182fc5e3ec808d98fa
SSDEEP: 6144:TQQpEcFOPQfoMnM09GVFC/dKejaM7ggQEiLMuZTiyoSVDl7J9PhgVv5RK:TQQpdFOYf5InCFKMatPTilSVh77Qr

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Suspicious use of SetThreadContext