General

  • Target

    0dc539cb66839cd910ece1d75f8b2887858d0c974963ec9349e27e1d6d804ba9

  • Size

    320KB

  • Sample

    240417-qg8dnagh82

  • MD5

    d7980750a3b6b5984aa5f33a615b0b94

  • SHA1

    bdf876d93f66afd8c8a2dac08f03d9355c1a7822

  • SHA256

    0dc539cb66839cd910ece1d75f8b2887858d0c974963ec9349e27e1d6d804ba9

  • SHA512

    04931e7075a3b2dd0a6dad6512b267a9c2084b00ab4aa294b793c9d366c0289508d0830dd1fb5bc3130461cfbab9066cc3ae9bc99620ae4988bb0815fad02412

  • SSDEEP

    6144:fdq0WYLuvynPGuiVmm6ShN/3PzvDKUHgBgx+7fcQpOTF:fdqBYLuOPDikuNvKvgw9o5

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.0:29587

Targets

    • Target

      83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe

    • Size

      332KB

    • MD5

      046636f17f09a730132189632525ffb4

    • SHA1

      6931400160f8275a46683a0eb98ae2c871e3b78d

    • SHA256

      83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a

    • SHA512

      cdc62d3da9ec22d3497f1138f7d4144ae98220623809e701fdabe01f92bef74b86d1e248d0ccf2d581b126b5a2f8f4f02daa96cb76d09ee37e20d605c1c49e4e

    • SSDEEP

      6144:gTCu4fFrZEej3EunSfgwiUl2Xbh08Lm6qpn6mcNwIqBYmIxETj6DTKzNg1D:a4d1v3EuSf92+8LsYmRj66i1D

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
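The hashes and the extracted C2 above are only useful if you can check a file you actually hold against them and turn the C2 into something a sensor can act on. The script below is an added example, not part of the report or of any sandbox tooling: it hashes a file with all four algorithms in one pass, reports which of the report's digests agree (flagging a partial agreement, e.g. MD5 matches but SHA256 does not, rather than hiding it), and renders the `host:port` C2 string as a Suricata rule. The function names, the `sid` values and the rule text are assumptions of this example; the digests and the C2 endpoint are copied from the report.

```python
"""Check a local file against the IOCs from the sandbox report above and
emit a block rule for the extracted RedLine C2. Added example, not report
tooling; function names and sid numbers are assumptions."""
import hashlib
import sys
from typing import Dict, List, Tuple

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report: the submitted sample and the dropped
# RedLine executable. Nothing in this list is invented.
REPORT_IOCS: List[Dict[str, str]] = [
    {
        "name": "submitted sample (320KB)",
        "md5": "d7980750a3b6b5984aa5f33a615b0b94",
        "sha1": "bdf876d93f66afd8c8a2dac08f03d9355c1a7822",
        "sha256": "0dc539cb66839cd910ece1d75f8b2887858d0c974963ec9349e27e1d6d804ba9",
        "sha512": "04931e7075a3b2dd0a6dad6512b267a9c2084b00ab4aa294b793c9d366c0289508d0830dd1fb5bc3130461cfbab9066cc3ae9bc99620ae4988bb0815fad02412",
    },
    {
        "name": "83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe (332KB)",
        "md5": "046636f17f09a730132189632525ffb4",
        "sha1": "6931400160f8275a46683a0eb98ae2c871e3b78d",
        "sha256": "83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a",
        "sha512": "cdc62d3da9ec22d3497f1138f7d4144ae98220623809e701fdabe01f92bef74b86d1e248d0ccf2d581b126b5a2f8f4f02daa96cb76d09ee37e20d605c1c49e4e",
    },
]
# From the extracted RedLine config (Malware Config section of the report).
C2_SERVERS = ["5.42.65.0:29587"]


def digests_of(data: bytes) -> Dict[str, str]:
    """All four digests of an in-memory buffer, computed in one pass."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    for h in hashers.values():
        h.update(data)
    return {a: h.hexdigest() for a, h in hashers.items()}


def digests_of_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as digests_of, but streamed so large samples are not read whole."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def match_iocs(digests: Dict[str, str],
               iocs: List[Dict[str, str]] = REPORT_IOCS) -> List[Tuple[str, Tuple[str, ...]]]:
    """Return (entry name, algorithms that agreed) for every IOC entry with at
    least one agreeing digest. A partial agreement (say md5 matches, sha256
    does not) is reported rather than collapsed to 'no match': it points at
    either a transcription error in the report or a deliberately colliding
    file, and both deserve a look."""
    hits = []
    for entry in iocs:
        agreed = tuple(a for a in ALGOS
                       if a in entry and entry[a].lower() == digests[a])
        if agreed:
            hits.append((entry["name"], agreed))
    return hits


def parse_c2(endpoint: str) -> Tuple[str, int]:
    """Split the report's 'host:port' C2 string; rpartition keeps IPv6 intact."""
    host, _, port = endpoint.rpartition(":")
    if not host or not port.isdigit():
        raise ValueError(f"unrecognised C2 endpoint: {endpoint!r}")
    return host, int(port)


def suricata_rule(endpoint: str, sid: int) -> str:
    """Render one Suricata alert for outbound traffic to the C2 endpoint."""
    host, port = parse_c2(endpoint)
    return (f"alert tcp $HOME_NET any -> {host} {port} "
            f'(msg:"RedLine C2 {endpoint}"; flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    for path in sys.argv[1:]:
        hits = match_iocs(digests_of_file(path))
        if not hits:
            print(f"{path}: no digest matches the report")
        for name, algos in hits:
            status = "FULL" if algos == ALGOS else f"PARTIAL ({', '.join(algos)})"
            print(f"{path}: {status} match with {name}")
    # sid range is an arbitrary choice for this example
    for i, c2 in enumerate(C2_SERVERS):
        print(suricata_rule(c2, 9000001 + i))
```

Run it as `python check_iocs.py sample.bin` on the file you were handed; a full match confirms it is the object the report describes, a partial match means stop and compare by hand before trusting either side. Note that the report's top-level target (320KB) and the dropped `.exe` (332KB) are different files, which is why both hash sets are kept.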

MITRE ATT&CK Matrix

Tasks