General
Target: fc924b0203fd4bc1d1de918b95480eb1de03194f3bee0029e056d09aae2819e4
Size: 351KB
Sample: 240417-qvl3kshg58
MD5: 3214fe2aca3f7c23281912dbd5780c8b
SHA1: f2f67dbd07ec63cdcb6a035a0a6d54717c4e49a0
SHA256: fc924b0203fd4bc1d1de918b95480eb1de03194f3bee0029e056d09aae2819e4
SHA512: b782c4f6a79dd090ff5ef0d0143f7d9e7a7999192927963f7971e47383d6ffdd6897573f2c42d49262bcd72a4a6c3575673bfe65aef9b9d1694c23c1f9a47bb0
SSDEEP: 6144:uq55Rc2U4GCiO93ue0VKwt+5fW5w4Gty/K2XYaU5j3YEM8Xq92BF9uklqPtcKb:u6HQO93iVKB5u1GtIVYlOElI2/Llq7b

Static task: static1

Behavioral task: behavioral1
Sample: 8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Resource: win7-20240319-en

Behavioral task: behavioral2
Sample: 8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Resource: win10v2004-20240412-en

Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
5.42.65.68:29093

Targets
Target: 8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e.exe
Size: 388KB
MD5: d29a59208ba49db090c5957dface3f79
SHA1: 467e27d271b4740ac867958a021f27bdfa492628
SHA256: 8108dd9d10c1a9dcd721a122976390864ca55b91a784eb9b841e6117b3b90f3e
SHA512: 5d84185f7099391f88a0b40a3be717c6fed7005246d6f7f9381b1ff7d5ec632b2c9fe91ac5b7036c19a06dc854727fe386593204557a4a93e1aabab6daf6a511
SSDEEP: 6144:mC9T7uZL/RacaJgbipiG0DsavyCscTnt5q6PL0aENWyW42eU2hBu:mY/+tvip1+aCJnt5q6PYWT1r2hBu
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext