Overview

overview

10

Static

static

1

d5d2a698d3...52.exe

windows7-x64

10

d5d2a698d3...52.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6abee9bb49295d3c087933a8d68af3dbecde3880bb39aded1cac5e3f42332ba0

  • Size

    321KB

  • Sample

    240417-qdqdnsab8z

  • MD5

    17377745c5709675390468e355d9791e

  • SHA1

    7289a6874034ca3a02ff2504f79a95c367e1d55c

  • SHA256

    6abee9bb49295d3c087933a8d68af3dbecde3880bb39aded1cac5e3f42332ba0

  • SHA512

    32950f57ad7e0a43c5e7c29aa8320abf5c29022e3605502a387a7e56cbc73241c1052924c5b909015d492092f8762f32d2c0743e86d4fefa3b73044f2b95f4c9

  • SSDEEP

    6144:NWltWZ6tptJRN1IrBaSF8ZuLCWTI0NIyBxcONY87r9utIU4VSSxZ6u4wvCTNWV:NWlMspNurcSFtLCWJNZDNY87YIU4VLPP

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.0:29587

Targets

    • Target

      d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52.exe

    • Size

      331KB

    • MD5

      9ef39d6f27e41fc29f9d10acfa5a17c9

    • SHA1

      4309f3b9cbaafb909c9cf1cf85503c6cfa71b565

    • SHA256

      d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52

    • SHA512

      0746c8c18055db103628149ce75607e0bb764eb267301c39aa6327fa6346aeefcb6d040afaa9424e7c47315d49239ff24eb24d0da57348ba77297bbc15141e5b

    • SSDEEP

      6144:2UNT52ujFIdj3e3zpQiaRdY2zZxbkHmNeM7AttjUoM/:BT5ZjFWDebEjzkoqe/

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks