General

Target: beed5a11906f9d68d66bc0785b25f0fc4dee0c679faf21359b79f6cdebeccbc3
Size: 325KB
Sample: 240417-qds5kaab9v
MD5: f46209eb7ced6acc9901eac17bbfc9dd
SHA1: 3400dc30fe362bb2253c6df77bd7732e60b0d4e5
SHA256: beed5a11906f9d68d66bc0785b25f0fc4dee0c679faf21359b79f6cdebeccbc3
SHA512: bb5e0bdfec636f649a29c9604217ef22d71e622b6658bbeaec7c0470bffd56d4de887acf4cc511e43055e26e188ccacdb1f847486a91945dba0507db98bf0dee
SSDEEP: 6144:oRRZ7t7Z22XUg6A/5vcoIWt8CHxsHhIFqtrzD2P2aqOQ5lhnWGHTfm5vslGiPxZR:oR9Z2vg6MEWtnHQOMtrfS2WQDBWGzfm0
Static task: static1

Behavioral task: behavioral1
Sample: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Resource: win10v2004-20240412-en
Malware Config

Extracted family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 5.42.65.0:29587
Targets

Target: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67.exe
Size: 342KB
MD5: c813ab1235cc9880b05c865da8f0ebae
SHA1: 8cde3afb841711bb299066d8e8d1ff750de5de41
SHA256: f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67
SHA512: b3ab59bc5656580bc116905f69e34c8f2ad8424082074e5d69083f77521f2f6a44b1e8100a41e4b9cf1843a012911287b4a766f9de8d2d4ea12912af2babfcfc
SSDEEP: 6144:Hh90JBso1v0l3PEAHRq6MfYKzx8iq3UcmRq1Dt1j5RzSLs:XgRd09E5tx23UcUqlj3uLs
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext