General

  • Target: 7e4bdc9275e5f5ef540830946c6a09eca943b609c0151eae1afe45237e330312
  • Size: 324KB
  • Sample: 240417-qvvdyshg68
  • MD5: d3a185ccf5016689be08c463b7e8ffae
  • SHA1: 286e36b966fb6fc24313fdefba67ef4f13d8d0d3
  • SHA256: 7e4bdc9275e5f5ef540830946c6a09eca943b609c0151eae1afe45237e330312
  • SHA512: cb3a58225e2a5e720aaacbd5da6e4840cebf92163ecc9533fbdd8cdec8f8842218343fcf227f05b12c9695a337ad730f47a633939dc04cc32468047e3353e994
  • SSDEEP: 6144:NbnQkLXlmOLlsMzns5DrUeIp7tUCX9AenS70i+Dl1T+akq4GuG+/Z8BfHCc2k:NbNXlmO5VasxtaenS4iiDfV4GuGQOBvh

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.0:29587

Targets

    • Target: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
    • Size: 336KB
    • MD5: 9aa0e1cb84eaa0bf8e0c69154b797261
    • SHA1: fec3447e88cc504eb088a2c7e3f7a493e339aa1e
    • SHA256: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
    • SHA512: 4856fa4b27b22f539a4e8f2d68460954a265578e3c5eeb7836e35bda8488091d52114349d9a131fec5fd04e5c4ad7a420a5b1ac58253467ce7eeb36220098019
    • SSDEEP: 6144:ycPfB2bf33rP/bWR/3gM/wniJGlXQukamPRiUx8pT76T7Qn48n:DZ2bvbP/b43R43lZkvRijg7Qnp

    Signatures

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks