General
Target: 1df9039fc60a64d1518ff99904bff0b09a322fca721c4f75a6be8b8883be56e1
Size: 324KB
Sample: 240417-q4vfbabh9y
MD5: b093fab7083d20a33cfac7f6c13ff609
SHA1: 0befab3baf18f18b0ab7346860092df37b87aeb0
SHA256: 1df9039fc60a64d1518ff99904bff0b09a322fca721c4f75a6be8b8883be56e1
SHA512: 46a3fe48d018e14633d74bc9c6e9dbf34befe8032071c9f35d8151cdf509a9b802c124027e8c589731fd3f1b144bd9a27092d56756cf7df254657d2386c7d2a5
SSDEEP: 6144:ZwTyluPE7V8dwaBwbGYWMARHO+MS+zABoDKpqqBts+++HCi/m1ov:GTPkqMO8SQABah8Pii/my
Static task: static1
Behavioral task: behavioral1
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win10v2004-20240226-en
Malware Config
Extracted family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 5.42.65.0:29587
Targets
Target: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
Size: 336KB
MD5: 9aa0e1cb84eaa0bf8e0c69154b797261
SHA1: fec3447e88cc504eb088a2c7e3f7a493e339aa1e
SHA256: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
SHA512: 4856fa4b27b22f539a4e8f2d68460954a265578e3c5eeb7836e35bda8488091d52114349d9a131fec5fd04e5c4ad7a420a5b1ac58253467ce7eeb36220098019
SSDEEP: 6144:ycPfB2bf33rP/bWR/3gM/wniJGlXQukamPRiUx8pT76T7Qn48n:DZ2bvbP/b43R43lZkvRijg7Qnp
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. It harvests browser credentials, cookies, autofill data and cryptocurrency wallet files and sends them to the C2 endpoint carried in its embedded configuration.
RedLine payload: the decoded RedLine stealer payload was identified in this sample.
Suspicious use of SetThreadContext: the sample calls SetThreadContext on a thread belonging to another process. This is the hallmark of process hollowing (start a legitimate process suspended, overwrite its image with the payload, point the main thread's entry at the injected code, then resume it) and is how the loader hands control to the RedLine payload without writing it to disk as a separate file.
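The report's extracted configuration (C2 endpoint and botnet tag) and the file hashes in the General and Targets sections are the indicators a responder would sweep for. The script below is an added example, not part of the sandbox report: it loads those indicators, parses the `ip:port` C2 string the same way the config above presents it, and scans constructed log lines for hits. The Zeek-style tab-separated conn.log layout and the file-hash inventory format are assumptions made for the example, as is the sample data.

```python
"""IOC sweep for the RedLine report above (added example, not the sandbox's own code).

Indicators are copied from the report. The log formats (Zeek-style conn.log
fields and a one-file-per-line hash inventory) and the log lines themselves
are constructed for the example.
"""
import re
from dataclasses import dataclass

# File hashes from the General (outer sample) and Targets (dropped .exe) sections.
SHA256_IOCS = {
    "1df9039fc60a64d1518ff99904bff0b09a322fca721c4f75a6be8b8883be56e1",
    "b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54",
}
MD5_IOCS = {
    "b093fab7083d20a33cfac7f6c13ff609",
    "9aa0e1cb84eaa0bf8e0c69154b797261",
}
# Extracted RedLine config: "ip:port" exactly as the report prints it.
C2_CONFIG = "5.42.65.0:29587"


def parse_c2(config_line):
    """Split an 'ip:port' C2 string into (ip, int port); rpartition keeps IPv6 literals intact."""
    host, _, port = config_line.strip().rpartition(":")
    return host, int(port)


C2_ENDPOINTS = {parse_c2(C2_CONFIG)}
C2_HOSTS = {ip for ip, _ in C2_ENDPOINTS}


@dataclass
class Hit:
    line_no: int
    kind: str        # "hash", "c2" (ip and port match) or "c2-host" (ip only)
    indicator: str
    line: str


# 32-hex (MD5) or 64-hex (SHA256) tokens; \b keeps a 64-char run from matching as 32.
HEX_TOKEN = re.compile(r"\b[0-9a-fA-F]{32}\b|\b[0-9a-fA-F]{64}\b")


def scan_hash_inventory(lines):
    """Flag any inventory line carrying a known MD5 or SHA256 (case-insensitive)."""
    hits = []
    for n, line in enumerate(lines, 1):
        for token in HEX_TOKEN.findall(line):
            token = token.lower()
            if token in SHA256_IOCS or token in MD5_IOCS:
                hits.append(Hit(n, "hash", token, line))
    return hits


def scan_conn_log(lines):
    """Assumed conn.log columns: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto.

    An exact ip:port match is a C2 hit; an ip-only match is reported separately
    because RedLine operators rotate ports on the same host.
    """
    hits = []
    for n, line in enumerate(lines, 1):
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue
        try:
            dst = (fields[4], int(fields[5]))
        except ValueError:
            continue
        if dst in C2_ENDPOINTS:
            hits.append(Hit(n, "c2", f"{dst[0]}:{dst[1]}", line))
        elif dst[0] in C2_HOSTS:
            hits.append(Hit(n, "c2-host", dst[0], line))
    return hits


# Constructed sample logs (not real telemetry).
CONN_LOG = [
    "1713350000.1\tCAbc1\t10.0.0.7\t51234\t5.42.65.0\t29587\ttcp",
    "1713350001.2\tCAbc2\t10.0.0.7\t51235\t93.184.216.34\t443\ttcp",
    "1713350002.3\tCAbc3\t10.0.0.9\t51236\t5.42.65.0\t80\ttcp",
]
INVENTORY = [
    "C:\\Users\\victim\\Downloads\\setup.exe sha256=b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54",
    "C:\\Windows\\System32\\notepad.exe sha256=0000000000000000000000000000000000000000000000000000000000000000",
    "C:\\Users\\victim\\Downloads\\archive.zip md5=B093FAB7083D20A33CFAC7F6C13FF609",
]


def sweep(conn_lines=CONN_LOG, inventory_lines=INVENTORY):
    """Run both scanners and return hits grouped by kind."""
    hits = scan_conn_log(conn_lines) + scan_hash_inventory(inventory_lines)
    return {kind: [h for h in hits if h.kind == kind] for kind in ("c2", "c2-host", "hash")}


if __name__ == "__main__":
    for kind, found in sweep().items():
        for h in found:
            print(f"[{kind}] line {h.line_no}: {h.indicator}")
```

The ip-only match is kept distinct on purpose: a hit on 5.42.65.0 over a different port is worth a look but should not be escalated with the same confidence as the exact endpoint from the extracted config.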