General
Target: 7ed28c6572ccaafdd3986c0658ca0d2358c45518f77396780b450377eaae462e
Size: 355KB
Sample: 240417-q8lzqsag23
MD5: a947a3e4b3616497c661ea8ce8aee29a
SHA1: b2a9d718a332c5278ed2263cfe43783476a46484
SHA256: 7ed28c6572ccaafdd3986c0658ca0d2358c45518f77396780b450377eaae462e
SHA512: c8bfbbf240ce1760cccd90f169e17a38a979a536c68645888c2e6e3252f7c6948aaef6c2ba6c9ff1262d8858678c96aeebd167003e256c1cb88094949f0f1d94
SSDEEP: 6144:llaOPxnnPaEe4kbI3cebD2bzJBwm4yi1kUNGhDqMvxV/as7j+ICUW:lLxn4AcCUzjw8akUNGF7pV/aTICUW

Static task: static1

Behavioral task: behavioral1
Sample: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
Resource: win10v2004-20240226-en

Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.68:29093

Targets
Target: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
Size: 392KB
MD5: cd83958d1b60e93f0fbe489787cd5fd3
SHA1: d135b334686ecf313cdf3bdae2f21a7ff332f3b6
SHA256: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30
SHA512: e20872c6c877968b9ff976f259ed4e8d81086605c769039949c736a203e1d5db0a36642e58e755ab4411ee1576a70fcd337f9d41171efbb6a51cc74778b3d947
SSDEEP: 12288:8S9RdssB7MzhCgmdypuJwWasCIQtnSA3zbO:Dsm7MFCfd0HWBMjbO

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext