General
Target
aeb4a72491c528ca677c44048f35d16a2f0cb2e204dee39001d7430c9325413a
Size
351KB
Sample
240417-q7wsjsaf65
MD5
3a03ee30cb6a06247c27b39249220451
SHA1
c2bb97267b7a5c078e19bebf2e2fdb94f70aae56
SHA256
aeb4a72491c528ca677c44048f35d16a2f0cb2e204dee39001d7430c9325413a
SHA512
3d214764191d928dacea56a5f4696805358646e6caa15c608aee2beb6b9ec455a0155cbf7fd8f1abadd3bd4e780f3596d08f2ec836f5bc20861a6ab8ee26dbce
SSDEEP
6144:hheRb003db+JZpgVfD1g+h5SebmWGib65xUV9V1G5WcFgGJvHrrn:hhEdbkJY5Sejlb65M1G5Wcjrrn
Static task
static1
Behavioral task
behavioral1
Sample
8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.68:29093
Targets
Target
8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Size
388KB
MD5
d29a59208ba49db090c5957dface3f79
SHA1
467e27d271b4740ac867958a021f27bdfa492628
SHA256
8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e
SHA512
5d84185f7099391f88a0b40a3be717c6fed7005246d6f7f9381b1ff7d5ec632b2c9fe91ac5b7036c19a06dc854727fe386593204557a4a93e1aabab6daf6a511
SSDEEP
6144:mC9T7uZL/RacaJgbipiG0DsavyCscTnt5q6PL0aENWyW42eU2hBu:mY/+tvip1+aCJnt5q6PYWT1r2hBu
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext