General
Target: 20a8712a4be460868b2d17b02808c22ce205bda235dc8f84e2f71834c04d7a91
Size: 320KB
Sample: 240417-qemzyaac6t
MD5: 6552d2e58b84916c2a8f3048edc88f21
SHA1: 165b0202c96f7791c7f2f1f049db2dc77b22a4d9
SHA256: 20a8712a4be460868b2d17b02808c22ce205bda235dc8f84e2f71834c04d7a91
SHA512: 5b3d61d2d07d0beac26fa43ea199055f8e7ae5a718ffe06226e2f5df07c44b79c9e0d4083e414a20276b9e94c9fa2f50e45ef5e1f0f1041daf81abe8d74e3b84
SSDEEP: 6144:MVqlBmPhBosLlRA625wAG0nO0wYMTAkBeuDqJfcnnsBoEie:MYBmLosw62O2O0UAksocFBo4

Static task: static1

Behavioral task: behavioral1
Sample: 83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
Resource: win10v2004-20240412-en

Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.0:29587

Targets
Target: 83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
Size: 332KB
MD5: 046636f17f09a730132189632525ffb4
SHA1: 6931400160f8275a46683a0eb98ae2c871e3b78d
SHA256: 83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a
SHA512: cdc62d3da9ec22d3497f1138f7d4144ae98220623809e701fdabe01f92bef74b86d1e248d0ccf2d581b126b5a2f8f4f02daa96cb76d09ee37e20d605c1c49e4e
SSDEEP: 6144:gTCu4fFrZEej3EunSfgwiUl2Xbh08Lm6qpn6mcNwIqBYmIxETj6DTKzNg1D:a4d1v3EuSf92+8LsYmRj66i1D

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext