General

  • Target

    8a6c2c647ca5c61a35fd1cdbafb478440374fa491f5ab36f34510dd4ed5e946b

  • Size

    343KB

  • Sample

    240417-q38xbabh6v

  • MD5

    f6010db9e0adda06d853c730cbfea091

  • SHA1

    083f6a2908c61c7266bd69946b82a457b65a01de

  • SHA256

    8a6c2c647ca5c61a35fd1cdbafb478440374fa491f5ab36f34510dd4ed5e946b

  • SHA512

    1d541793ef5469690963a09d69b3fa98633a0ed8a34b03f1df51a65696aabd666e767b6396b26234ee5fb2f40715d3463d1b83fc2d5d929485d70dee5773b6c4

  • SSDEEP

    6144:Bm56U/VZ2xaz6beous7xzEBSkVh8ODSVNLwl3d6+Pwava91jsCXCJswORvjb:E5d2beouMVk38TvwxdVPYnjsCXqsrFjb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    5.42.65.0:29587

Targets

    • Target

      52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2.exe

    • Size

      390KB

    • MD5

      57527c8a34c0cac7dae9e528bfc54af0

    • SHA1

      48f6cb641842cc47e06c04e94064e0e33edb8af8

    • SHA256

      52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2

    • SHA512

      8690348f1efe3c070b5e0df344b3f3e048684e784f6c29a0cea727a1b7a42395d7d2d2ed73602ab0f31813d363fc3d6584a70702571ce1182fc5e3ec808d98fa

    • SSDEEP

      6144:TQQpEcFOPQfoMnM09GVFC/dKejaM7ggQEiLMuZTiyoSVDl7J9PhgVv5RK:TQQpdFOYf5InCFKMatPTilSVh77Qr

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's saved register state, including its instruction pointer. Sandboxes flag it because calling it on a thread of another process is the usual way to redirect that thread into injected code, as in process hollowing and related injection techniques.
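
As an added example, not part of the sandbox report and not code belonging to the report or to RedLine, the script below turns the indicators above into a check a responder can run offline: it validates the extracted C2 endpoint, hashes a local file with the same algorithms the report lists so a copy can be matched against the General and Targets entries, and sweeps connection records for the C2 address. Only the hash values and the C2 string come from the report; the log format, process names and other addresses in SAMPLE_CONN_LOG are constructed for illustration.

```python
import hashlib
import ipaddress
import re

# Indicators copied from the report above: the submitted file (General) and the
# extracted executable (Targets). SHA512 and SSDEEP are left out here for brevity.
REPORT_HASHES = {
    "md5": {
        "f6010db9e0adda06d853c730cbfea091",
        "57527c8a34c0cac7dae9e528bfc54af0",
    },
    "sha1": {
        "083f6a2908c61c7266bd69946b82a457b65a01de",
        "48f6cb641842cc47e06c04e94064e0e33edb8af8",
    },
    "sha256": {
        "8a6c2c647ca5c61a35fd1cdbafb478440374fa491f5ab36f34510dd4ed5e946b",
        "52c8947c40ed9f6facea49a5986f4232af6aadd73fbc395de25bfce50bc8a7e2",
    },
}
C2 = "5.42.65.0:29587"  # from the extracted RedLine config


def parse_c2(endpoint: str) -> tuple[str, int]:
    """Split 'ip:port' into a validated (ip, port) pair."""
    host, sep, port_s = endpoint.rpartition(":")
    if not sep:
        raise ValueError(f"no port in {endpoint!r}")
    ip = ipaddress.ip_address(host)  # raises ValueError on garbage
    port = int(port_s)
    if not 0 < port < 65536:
        raise ValueError(f"bad port {port}")
    return str(ip), port


def hash_bytes(data: bytes) -> dict[str, str]:
    """Compute the digests the report lists, so a local copy can be checked."""
    return {
        algo: hashlib.new(algo, data).hexdigest()
        for algo in ("md5", "sha1", "sha256", "sha512")
    }


def match_report_hashes(digests: dict[str, str]) -> set[str]:
    """Return the algorithms whose digest equals one of the report's values."""
    return {
        algo for algo, value in digests.items()
        if value.lower() in REPORT_HASHES.get(algo, set())
    }


# Destination side of a connection record: "-> ip:port"
DST_RE = re.compile(r"->\s*(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def scan_connections(lines):
    """Flag outbound connections to the C2.

    'exact' = same IP and port as the config; 'ip_only' = same IP, other port
    (the config carries a single port, so an IP-only hit still deserves a look).
    """
    c2_ip, c2_port = parse_c2(C2)
    hits = []
    for idx, line in enumerate(lines):
        m = DST_RE.search(line)
        if not m:
            continue
        ip, port = m.group(1), int(m.group(2))
        if ip == c2_ip:
            hits.append((idx, "exact" if port == c2_port else "ip_only"))
    return hits


# Constructed connection log (not from the report); TEST-NET addresses as noise.
SAMPLE_CONN_LOG = [
    "2024-04-17T10:01:03Z pid=4412 image=explorer.exe 10.0.0.5:51230 -> 203.0.113.7:443",
    "2024-04-17T10:01:09Z pid=5120 image=build.exe 10.0.0.5:51234 -> 5.42.65.0:29587",
    "2024-04-17T10:01:12Z pid=5120 image=build.exe 10.0.0.5:51235 -> 5.42.65.0:443",
    "2024-04-17T10:02:40Z pid=880 image=svchost.exe 10.0.0.5:51240 -> 198.51.100.9:29587",
]

if __name__ == "__main__":
    for idx, kind in scan_connections(SAMPLE_CONN_LOG):
        print(kind, SAMPLE_CONN_LOG[idx])
    # To check a local copy of the sample: match_report_hashes(hash_bytes(open(path, "rb").read()))
    print(match_report_hashes(hash_bytes(b"")))  # empty set: not the sample
```

Matching on the full ip:port is the high-confidence check; the ip_only class exists because a single sandbox run shows one port, and the same host may be reached on others. Hash matching is compared case-insensitively so values pasted from other tooling in upper case still match.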

MITRE ATT&CK Matrix

Tasks