redline | 20a8712a4be460868b2d17b02808c22ce205bda235dc8f84e2f71834c04d7a91 | Triage

Sharing

General

Target

20a8712a4be460868b2d17b02808c22ce205bda235dc8f84e2f71834c04d7a91
Size

320KB
Sample

240417-qemzyaac6t
MD5

6552d2e58b84916c2a8f3048edc88f21
SHA1

165b0202c96f7791c7f2f1f049db2dc77b22a4d9
SHA256

20a8712a4be460868b2d17b02808c22ce205bda235dc8f84e2f71834c04d7a91
SHA512

5b3d61d2d07d0beac26fa43ea199055f8e7ae5a718ffe06226e2f5df07c44b79c9e0d4083e414a20276b9e94c9fa2f50e45ef5e1f0f1041daf81abe8d74e3b84
SSDEEP

6144:MVqlBmPhBosLlRA625wAG0nO0wYMTAkBeuDqJfcnnsBoEie:MYBmLosw62O2O0UAksocFBo4

Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.0:29587

Targets

- Target
  
  83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
- Size
  
  332KB
- MD5
  
  046636f17f09a730132189632525ffb4
- SHA1
  
  6931400160f8275a46683a0eb98ae2c871e3b78d
- SHA256
  
  83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a
- SHA512
  
  cdc62d3da9ec22d3497f1138f7d4144ae98220623809e701fdabe01f92bef74b86d1e248d0ccf2d581b126b5a2f8f4f02daa96cb76d09ee37e20d605c1c49e4e
- SSDEEP
  
  6144:gTCu4fFrZEej3EunSfgwiUl2Xbh08Lm6qpn6mcNwIqBYmIxETj6DTKzNg1D:a4d1v3EuSf92+8LsYmRj66i1D
Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

redlinelogsdiller cloud (tg: @logsdillabot)infostealer