General
Target: d28d6b8d097021245ad83d37ba25e5126c9e95ed9d7060f10f347d8ec2373222
Size: 322KB
Sample: 240417-q3d2yaac84
MD5: de5a788742e1faf85f2776cd6adc13bd
SHA1: bf973e6a6e58d76331be4b2dfa8a73bb2eaac8cb
SHA256: d28d6b8d097021245ad83d37ba25e5126c9e95ed9d7060f10f347d8ec2373222
SHA512: 3c409e7110a991fc6abc29113d4fea2a537e392f86c265aaf2a14e9aef80b6452b05e0361c702a562a5e32cfe9ecd6299af45fde025a1c97993750c4111ea651
SSDEEP: 6144:tIJayI/7zBBaposLJFx/YatZxu4OxNJndY2UBySUXaDcFoloNbQuLVFob:tfVB5+mMQ4+JneBySUXaCo+1QyCb

Static task: static1

Behavioral task: behavioral1
Sample: 8d762b7f886c8d024c39b5c9eee3f09d1d355d6c99073f2676ccba2c536e37b1.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 8d762b7f886c8d024c39b5c9eee3f09d1d355d6c99073f2676ccba2c536e37b1.exe
Resource: win10v2004-20240412-en

Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.68:29093

Targets
Target: 8d762b7f886c8d024c39b5c9eee3f09d1d355d6c99073f2676ccba2c536e37b1.exe
Size: 337KB
MD5: 27fbd137a423484ad08a92248ccc5849
SHA1: 7ebafc1773af1a58b1b155857a8560e443010807
SHA256: 8d762b7f886c8d024c39b5c9eee3f09d1d355d6c99073f2676ccba2c536e37b1
SHA512: 38957236eaec10a203ccd63d79378f7db3c0056f2ff3280cb00dea7ccb4b4eb70b84075bd8d0b25a9192295972529e2d2f6eadd6e90cdafb127ffeeaf1b900e3
SSDEEP: 6144:hEOAwgZLrjLJQcXSye06NLrUTdXNLBg6Y7FVxGaH:mOWZLrZQcXSyIlrUbq6YZbGaH

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext