General
-
Target
6abee9bb49295d3c087933a8d68af3dbecde3880bb39aded1cac5e3f42332ba0
-
Size
321KB
-
Sample
240417-qdqdnsab8z
-
MD5
17377745c5709675390468e355d9791e
-
SHA1
7289a6874034ca3a02ff2504f79a95c367e1d55c
-
SHA256
6abee9bb49295d3c087933a8d68af3dbecde3880bb39aded1cac5e3f42332ba0
-
SHA512
32950f57ad7e0a43c5e7c29aa8320abf5c29022e3605502a387a7e56cbc73241c1052924c5b909015d492092f8762f32d2c0743e86d4fefa3b73044f2b95f4c9
-
SSDEEP
6144:NWltWZ6tptJRN1IrBaSF8ZuLCWTI0NIyBxcONY87r9utIU4VSSxZ6u4wvCTNWV:NWlMspNurcSFtLCWJNZDNY87YIU4VLPP
Static task
static1
Behavioral task
behavioral1
Sample
d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (TG: @logsdillabot)
C2
5.42.65.0:29587
Targets
-
Target
d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52.exe
-
Size
331KB
-
MD5
9ef39d6f27e41fc29f9d10acfa5a17c9
-
SHA1
4309f3b9cbaafb909c9cf1cf85503c6cfa71b565
-
SHA256
d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52
-
SHA512
0746c8c18055db103628149ce75607e0bb764eb267301c39aa6327fa6346aeefcb6d040afaa9424e7c47315d49239ff24eb24d0da57348ba77297bbc15141e5b
-
SSDEEP
6144:2UNT52ujFIdj3e3zpQiaRdY2zZxbkHmNeM7AttjUoM/:BT5ZjFWDebEjzkoqe/
-
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020; it harvests browser credentials, cookies, and wallet data and exfiltrates them to the C2 host recovered in the extracted config above.
-
RedLine payload
-
Suspicious use of SetThreadContext
-
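The "Suspicious use of SetThreadContext" signature fires because a loader that creates a child process suspended, writes a payload into it, and then replaces the primary thread's context before resuming it is the textbook process-hollowing sequence. The call on its own is not conclusive (debuggers use it too), so a practitioner usually wants the surrounding sequence before trusting the hit. The following Python checker is an added example, not code or data from this sandbox report: it walks a constructed API-call trace (the dict-per-call schema, the pids and the call arguments are all assumptions) and only reports a parent/child pair when the full create-suspended, write, SetThreadContext, resume chain is present.

```python
"""Sequence check behind a 'Suspicious use of SetThreadContext' hit.

Added example, not part of the sandbox report. The trace schema (one dict
per API call with pid / api / target_pid fields) is an assumption; real
sandboxes export their own formats and you would adapt the field names.
"""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess*

# Calls a hollowing loader makes against the child it created suspended,
# in the order they must appear for the chain to be complete.
HOLLOW_SEQUENCE = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")

# Constructed sample trace (not from the report). Three stories:
#   1000 -> 2000: full hollowing chain, should be flagged.
#   3000 -> 3500: a debugger touching a thread context, should not be flagged.
#   4000 -> 4500: child started suspended only to bind it to a job, then
#                 resumed without any write, should not be flagged.
SAMPLE_TRACE = [
    {"pid": 1000, "api": "CreateProcessW", "target_pid": 2000,
     "flags": CREATE_SUSPENDED, "image": r"C:\example\host.exe"},
    {"pid": 1000, "api": "NtUnmapViewOfSection", "target_pid": 2000},
    {"pid": 1000, "api": "VirtualAllocEx", "target_pid": 2000, "protect": 0x40},
    {"pid": 1000, "api": "WriteProcessMemory", "target_pid": 2000, "size": 0x3C000},
    {"pid": 1000, "api": "SetThreadContext", "target_pid": 2000},
    {"pid": 1000, "api": "ResumeThread", "target_pid": 2000},
    {"pid": 3000, "api": "SetThreadContext", "target_pid": 3500},
    {"pid": 4000, "api": "CreateProcessW", "target_pid": 4500,
     "flags": CREATE_SUSPENDED},
    {"pid": 4000, "api": "AssignProcessToJobObject", "target_pid": 4500},
    {"pid": 4000, "api": "ResumeThread", "target_pid": 4500},
]


def find_hollowing(trace):
    """Return [(source_pid, target_pid, apis_seen), ...] for every child that
    the same parent created suspended, wrote into, re-pointed with
    SetThreadContext and then resumed, in that order. Intermediate calls
    (unmap, alloc, ...) are recorded but do not break the chain."""
    progress = {}   # (src, tgt) -> index of next expected HOLLOW_SEQUENCE entry
    seen = {}       # (src, tgt) -> list of api names observed on that pair
    findings = []
    for ev in trace:
        key = (ev["pid"], ev.get("target_pid"))
        api = ev["api"]
        if api in ("CreateProcessA", "CreateProcessW"):
            # Only a child born suspended can be hollowed before it runs.
            if ev.get("flags", 0) & CREATE_SUSPENDED:
                progress[key] = 0
                seen[key] = [api]
            continue
        if key not in progress:
            continue    # call against a process we did not see created suspended
        seen[key].append(api)
        if api == HOLLOW_SEQUENCE[progress[key]]:
            progress[key] += 1
            if progress[key] == len(HOLLOW_SEQUENCE):
                findings.append((key[0], key[1], tuple(seen[key])))
                del progress[key]   # one finding per hollowed child
    return findings


if __name__ == "__main__":
    for src, tgt, apis in find_hollowing(SAMPLE_TRACE):
        print(f"process hollowing: pid {src} -> pid {tgt}: {' > '.join(apis)}")
```

Tightening the signature this way trades a little recall for far fewer false positives: a debugger's lone SetThreadContext and an installer's suspended-then-resumed child both drop out, while the chain a RedLine loader leaves in a sandbox trace still matches.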