General

  • Target

    beed5a11906f9d68d66bc0785b25f0fc4dee0c679faf21359b79f6cdebeccbc3

  • Size

    325KB

  • Sample

    240417-qds5kaab9v

  • MD5

    f46209eb7ced6acc9901eac17bbfc9dd

  • SHA1

    3400dc30fe362bb2253c6df77bd7732e60b0d4e5

  • SHA256

    beed5a11906f9d68d66bc0785b25f0fc4dee0c679faf21359b79f6cdebeccbc3

  • SHA512

    bb5e0bdfec636f649a29c9604217ef22d71e622b6658bbeaec7c0470bffd56d4de887acf4cc511e43055e26e188ccacdb1f847486a91945dba0507db98bf0dee

  • SSDEEP

    6144:oRRZ7t7Z22XUg6A/5vcoIWt8CHxsHhIFqtrzD2P2aqOQ5lhnWGHTfm5vslGiPxZR:oR9Z2vg6MEWtnHQOMtrfS2WQDBWGzfm0

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    5.42.65.0:29587

Targets

    • Target

      f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe

    • Size

      342KB

    • MD5

      c813ab1235cc9880b05c865da8f0ebae

    • SHA1

      8cde3afb841711bb299066d8e8d1ff750de5de41

    • SHA256

      f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67

    • SHA512

      b3ab59bc5656580bc116905f69e34c8f2ad8424082074e5d69083f77521f2f6a44b1e8100a41e4b9cf1843a012911287b4a766f9de8d2d4ea12912af2babfcfc

    • SSDEEP

      6144:Hh90JBso1v0l3PEAHRq6MfYKzx8iq3UcmRq1Dt1j5RzSLs:XgRd09E5tx23UcUqlj3uLs

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks