General
-
Target
0dc539cb66839cd910ece1d75f8b2887858d0c974963ec9349e27e1d6d804ba9
-
Size
320KB
-
Sample
240417-qg8dnagh82
-
MD5
d7980750a3b6b5984aa5f33a615b0b94
-
SHA1
bdf876d93f66afd8c8a2dac08f03d9355c1a7822
-
SHA256
0dc539cb66839cd910ece1d75f8b2887858d0c974963ec9349e27e1d6d804ba9
-
SHA512
04931e7075a3b2dd0a6dad6512b267a9c2084b00ab4aa294b793c9d366c0289508d0830dd1fb5bc3130461cfbab9066cc3ae9bc99620ae4988bb0815fad02412
-
SSDEEP
6144:fdq0WYLuvynPGuiVmm6ShN/3PzvDKUHgBgx+7fcQpOTF:fdqBYLuOPDikuNvKvgw9o5
Static task
static1
Behavioral task
behavioral1
Sample
83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.0:29587
Targets
-
-
Target
83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a.exe
-
Size
332KB
-
MD5
046636f17f09a730132189632525ffb4
-
SHA1
6931400160f8275a46683a0eb98ae2c871e3b78d
-
SHA256
83a7e9e920ed3e08eca3c59f344fd603b1d4f1b65f19545862a1fa6aebe94d1a
-
SHA512
cdc62d3da9ec22d3497f1138f7d4144ae98220623809e701fdabe01f92bef74b86d1e248d0ccf2d581b126b5a2f8f4f02daa96cb76d09ee37e20d605c1c49e4e
-
SSDEEP
6144:gTCu4fFrZEej3EunSfgwiUl2Xbh08Lm6qpn6mcNwIqBYmIxETj6DTKzNg1D:a4d1v3EuSf92+8LsYmRj66i1D
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-