General

  • Target

    720d03b48bde363e0fb4eecb456bebdfa25c2e5cf121ec60acc71d1f1f3730de

  • Size

    321KB

  • Sample

    240417-qwrpfsbd7y

  • MD5

    a3059a33a697281ded7504f1a5724904

  • SHA1

    c7aaa58af71c827c4efd9fd395e650664be00085

  • SHA256

    720d03b48bde363e0fb4eecb456bebdfa25c2e5cf121ec60acc71d1f1f3730de

  • SHA512

    db5b5d95503003b2de7fe623a37f42b01f0fd979263cbceb01ea16ff036c76aac1cd31dcfdcd777813dbd502f70b6f094dd045003c398d5ef6035cfa375f1e16

  • SSDEEP

    6144:x5Yv23iJf8NNTju+bQBJi/15lzfnxPSNZLgblZGubAul8TCBDcf0k3LCTl6f:xKe37XfbQBJiN5l7xKElQubAXCqfTLCm

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.0:29587
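The hashes in the General and Targets sections and the extracted C2 above are the actionable part of this report. The following is an added example (not code from the report, the sandbox, or any tool it names) showing how a responder would consume them: hash the submitted file and compare it against the report's digests, turn the `ip:port` C2 string into a Suricata rule, and scan Zeek `conn.log` rows for flows to that endpoint. The sample bytes and the conn.log lines are constructed here for illustration; only the hashes and the C2 are taken from the report.

```python
"""Consume the IOCs from a RedLine sandbox report: hash matching and C2 detection.

Added example, not part of the original report. The digests and the C2 below
are copied from the report; the sample bytes and the Zeek conn.log rows are
constructed for illustration.
"""
import hashlib
import ipaddress

# Digests copied from the report: submitted file (720d...) and dropped .exe (d5d2...).
REPORT_HASHES = {
    "md5": {"a3059a33a697281ded7504f1a5724904",
            "9ef39d6f27e41fc29f9d10acfa5a17c9"},
    "sha1": {"c7aaa58af71c827c4efd9fd395e650664be00085",
             "4309f3b9cbaafb909c9cf1cf85503c6cfa71b565"},
    "sha256": {"720d03b48bde363e0fb4eecb456bebdfa25c2e5cf121ec60acc71d1f1f3730de",
               "d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52"},
}
# Extracted RedLine C2 from the report (specific to this sample's config).
C2 = "5.42.65.0:29587"


def digests_of(data: bytes) -> dict:
    """Compute the digests the report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def match_hashes(digests: dict) -> set:
    """Return the algorithms whose digest is in the report's IOC set (case-insensitive)."""
    return {alg for alg, hx in digests.items()
            if hx.lower() in REPORT_HASHES.get(alg, set())}


def parse_c2(c2: str) -> tuple:
    """Split 'ip:port' into (ip, port); reject hostnames and bad ports."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)          # ValueError if not a literal IP
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"bad port in C2 string: {c2}")
    return host, port


def suricata_rule(c2: str, sid: int) -> str:
    """Emit a Suricata rule for outbound TCP to the C2. Matches this config only."""
    ip, port = parse_c2(c2)
    return (f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"RedLine Stealer C2 {ip}:{port}"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid}; rev:1;)')


def c2_hits(conn_log: str, c2: str) -> list:
    """Scan Zeek conn.log rows (tab-separated, default column order) for flows to the C2."""
    ip, port = parse_c2(c2)
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):   # skip Zeek header/comment rows
            continue
        f = line.split("\t")
        # default conn.log columns: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto ...
        if len(f) >= 7 and f[4] == ip and f[5] == str(port) and f[6] == "tcp":
            hits.append({"ts": f[0], "uid": f[1], "src": f[2]})
    return hits


# Constructed conn.log excerpt (not from the report): one C2 flow, one benign HTTPS
# flow, and a UDP flow to the C2 host on another port that the rule must not match.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1713300000.1\tCa1\t10.0.0.5\t51234\t5.42.65.0\t29587\ttcp\n"
    "1713300001.2\tCa2\t10.0.0.7\t51235\t93.184.216.34\t443\ttcp\n"
    "1713300002.3\tCa3\t10.0.0.5\t51236\t5.42.65.0\t53\tudp\n"
)

if __name__ == "__main__":
    print(match_hashes(digests_of(b"constructed bytes, not the sample")))  # set()
    print(suricata_rule(C2, 1000001))
    print(c2_hits(SAMPLE_CONN_LOG, C2))
```

Hash IOCs identify these two files only; a rebuilt RedLine loader has different digests, so the hashes are for confirming a known sample, not for hunting. The C2 rule is likewise scoped to this sample's extracted config, and the IP range may be reused by unrelated tenants, so treat a hit as a lead to pivot on (process, parent, the SetThreadContext signature noted below) rather than a verdict on its own.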

Targets

    • Target

      d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52.exe

    • Size

      331KB

    • MD5

      9ef39d6f27e41fc29f9d10acfa5a17c9

    • SHA1

      4309f3b9cbaafb909c9cf1cf85503c6cfa71b565

    • SHA256

      d5d2a698d3e63631ef0e23dabec79f49e4173105eb267d2d59309a8c39c3ba52

    • SHA512

      0746c8c18055db103628149ce75607e0bb764eb267301c39aa6327fa6346aeefcb6d040afaa9424e7c47315d49239ff24eb24d0da57348ba77297bbc15141e5b

    • SSDEEP

      6144:2UNT52ujFIdj3e3zpQiaRdY2zZxbkHmNeM7AttjUoM/:BT5ZjFWDebEjzkoqe/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

      SetThreadContext on a suspended thread in another process is the usual way an injector or process-hollowing loader redirects execution into a payload it has written there. It is a behavioural indicator of injection, not proof of RedLine by itself; confirm with the extracted config or the file hashes above.
