General
- Target: d6f6c587a7eb29f5a7877e9389d52c5fe5280ec4365249b2a918aba908727770
- Size: 355KB
- Sample: 240417-qv3ekabd3x
- MD5: 0550b38a5383388c982b0644eed5c050
- SHA1: 70cb28e46160be040a192805b6fe6abc01cec502
- SHA256: d6f6c587a7eb29f5a7877e9389d52c5fe5280ec4365249b2a918aba908727770
- SHA512: 95c52d4a0b370992b5cceeceb9d1f7b5583d1faf1be12ca01f4b81a9035f96a06aaaaa8dcc519d8977a608c37d3a06ba00ef5726889690521bb4b5dc9e1f3b79
- SSDEEP: 6144:0NVkT34dJY9co38f2gBRV2sfpYzRrqIIZwdHI3Q8mMDauhvyQei/TU:0gIwf3XgBFpYN+V3PmMDayvhY

Static task
- static1

Behavioral task
- behavioral1
- Sample: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
- Resource: win7-20240220-en

Behavioral task
- behavioral2
- Sample: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
- Resource: win10v2004-20240412-en

Malware Config
Extracted
- redline
- LogsDiller Cloud (TG: @logsdillabot)
- 5.42.65.68:29093

Targets
- Target: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30.exe
- Size: 392KB
- MD5: cd83958d1b60e93f0fbe489787cd5fd3
- SHA1: d135b334686ecf313cdf3bdae2f21a7ff332f3b6
- SHA256: c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30
- SHA512: e20872c6c877968b9ff976f259ed4e8d81086605c769039949c736a203e1d5db0a36642e58e755ab4411ee1576a70fcd337f9d41171efbb6a51cc74778b3d947
- SSDEEP: 12288:8S9RdssB7MzhCgmdypuJwWasCIQtnSA3zbO:Dsm7MFCfd0HWBMjbO

Signatures
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext