General
Target: 7e4bdc9275e5f5ef540830946c6a09eca943b609c0151eae1afe45237e330312
Size: 324KB
Sample: 240417-qvvdyshg68
MD5: d3a185ccf5016689be08c463b7e8ffae
SHA1: 286e36b966fb6fc24313fdefba67ef4f13d8d0d3
SHA256: 7e4bdc9275e5f5ef540830946c6a09eca943b609c0151eae1afe45237e330312
SHA512: cb3a58225e2a5e720aaacbd5da6e4840cebf92163ecc9533fbdd8cdec8f8842218343fcf227f05b12c9695a337ad730f47a633939dc04cc32468047e3353e994
SSDEEP: 6144:NbnQkLXlmOLlsMzns5DrUeIp7tUCX9AenS70i+Dl1T+akq4GuG+/Z8BfHCc2k:NbNXlmO5VasxtaenS4iiDfV4GuGQOBvh
Static task: static1
Behavioral task: behavioral1
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win10v2004-20240412-en
Malware Config
Extracted: redline
  LogsDiller Cloud (TG: @logsdillabot)
  5.42.65.0:29587
Targets
Target: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
Size: 336KB
MD5: 9aa0e1cb84eaa0bf8e0c69154b797261
SHA1: fec3447e88cc504eb088a2c7e3f7a493e339aa1e
SHA256: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
SHA512: 4856fa4b27b22f539a4e8f2d68460954a265578e3c5eeb7836e35bda8488091d52114349d9a131fec5fd04e5c4ad7a420a5b1ac58253467ce7eeb36220098019
SSDEEP: 6144:ycPfB2bf33rP/bWR/3gM/wniJGlXQukamPRiUx8pT76T7Qn48n:DZ2bvbP/b43R43lZkvRijg7Qnp

Signatures
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext