General

Target: 43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee
Size: 1.2MB
Sample: 240429-e3gx2sae81
MD5: 8c9287ef35644cc0b67a4b8000d38ce8
SHA1: b741efa13f0878097bc056b2e3fc431aea4b6c42
SHA256: 43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee
SHA512: 1f96f848c443bb25981c545f9ece15499761b4b15f920f686694425a1579b16fe52c45b0975417a4ed117a413babbf9d883b43e378d74e26885f6d710619e400
SSDEEP: 24576:6OPhASFRmJ211Nx7KPZ4o5tt9H7By/FfXnAe:3RmJ211Nxm9ttxYtfXb
Static task: static1

Behavioral task: behavioral1
  Sample: 43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee.exe
  Resource: win7-20240221-en

Behavioral task: behavioral2
  Sample: 43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee.exe
  Resource: win10-20240404-en
Malware Config

Extracted family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 5.42.65.50:33080
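The hashes and the extracted C2 endpoint above are the two indicators a responder actually uses from this report: the hashes to confirm whether a file found on a host is this sample, and the C2 socket to sweep connection logs. The following is an added example, not code from the Triage report or from Hatching; it hard-codes the report's indicators, hashes a file chunk-wise, and scans connection-log lines for traffic to the C2. The log format (`src=... dst=... proto=... action=...`) and the sample lines are constructed for the example, and it deliberately distinguishes a hit on the exact IP:port pair from a hit on the C2 address alone, since RedLine panels do move ports between builds.

```python
"""IOC matcher for the RedLine sample in this report (added example).

Uses only the indicators printed in the report: file hashes from the General
section and the C2 socket from the extracted config. The connection-log format
parsed here is constructed for the example and is not a real product's format.
"""
import hashlib
import re
import sys

# File hashes from the report (General section).
SAMPLE_HASHES = {
    "md5": "8c9287ef35644cc0b67a4b8000d38ce8",
    "sha1": "b741efa13f0878097bc056b2e3fc431aea4b6c42",
    "sha256": "43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee",
}

# C2 socket from the extracted RedLine config.
C2_HOST = "5.42.65.50"
C2_PORT = 33080

HASH_ALGOS = ("md5", "sha1", "sha256")


def hash_bytes(data, algorithms=HASH_ALGOS):
    """Hash an in-memory blob with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def hash_file(path, algorithms=HASH_ALGOS):
    """Hash a file in 1 MiB chunks so large samples are not read into memory."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_sample(hashes):
    """Match on SHA256; MD5/SHA1 are kept only for feeds that still use them."""
    if "sha256" in hashes:
        return hashes["sha256"] == SAMPLE_HASHES["sha256"]
    return any(hashes.get(a) == SAMPLE_HASHES[a] for a in ("sha1", "md5"))


# Constructed log format: one connection per line, key=value fields.
CONN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<sensor>\S+) conn src=(?P<src>\S+) "
    r"dst=(?P<dip>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def find_c2_connections(log_text):
    """Return connections to the C2 with a confidence level per hit.

    'high'   = exact IP:port from the extracted config
    'medium' = same IP on another port (panel may have been rebuilt/moved)
    Lines that do not parse are skipped rather than raising.
    """
    hits = []
    for line in log_text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m or m.group("dip") != C2_HOST:
            continue
        confidence = "high" if int(m.group("dport")) == C2_PORT else "medium"
        hits.append({
            "ts": m.group("ts"),
            "src": m.group("src"),
            "dst": f'{m.group("dip")}:{m.group("dport")}',
            "action": m.group("action"),
            "confidence": confidence,
        })
    return hits


# Constructed sample log: one exact C2 hit, one benign flow, one IP-only hit.
SAMPLE_LOG = """\
2024-04-29T12:03:11Z fw01 conn src=10.0.0.25:51234 dst=5.42.65.50:33080 proto=tcp action=allow
2024-04-29T12:03:12Z fw01 conn src=10.0.0.25:51240 dst=142.250.74.46:443 proto=tcp action=allow
2024-04-29T12:05:40Z fw01 conn src=10.0.0.31:49811 dst=5.42.65.50:443 proto=tcp action=deny
this line is not a connection record and is ignored
"""

if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG):
        print(f'{hit["confidence"]:6} {hit["ts"]} {hit["src"]} -> {hit["dst"]} ({hit["action"]})')
    for path in sys.argv[1:]:
        verdict = "MATCH" if matches_sample(hash_file(path)) else "no match"
        print(f"{path}: {verdict}")
```

Run it with file paths as arguments to check suspect binaries; the medium-confidence hit on 5.42.65.50:443 is reported separately on purpose, because a blocked or re-ported connection to a known RedLine panel address is still worth a look even though it does not match the config byte for byte.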
Targets

Target: 43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee
Size: 1.2MB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
RedLine payload
Suspicious use of SetThreadContext. SetThreadContext rewrites the register state of another thread; it is the classic process-hollowing primitive, where a loader starts a benign process suspended, writes the payload into it, points the main thread at the payload's entry with SetThreadContext, and resumes it. On its own the signature shows only that the API was called; the injected target process and the traffic to the C2 above, both visible in the behavioral tasks, are what confirm a live RedLine infection.