General

  • Target

    43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee

  • Size

    1.2MB

  • Sample

    240429-e3gx2sae81

  • MD5

    8c9287ef35644cc0b67a4b8000d38ce8

  • SHA1

    b741efa13f0878097bc056b2e3fc431aea4b6c42

  • SHA256

    43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee

  • SHA512

    1f96f848c443bb25981c545f9ece15499761b4b15f920f686694425a1579b16fe52c45b0975417a4ed117a413babbf9d883b43e378d74e26885f6d710619e400

  • SSDEEP

    24576:6OPhASFRmJ211Nx7KPZ4o5tt9H7By/FfXnAe:3RmJ211Nxm9ttxYtfXb

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.50:33080
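
The extracted config above gives a practitioner two kinds of indicator: the file digests in the General section and the C2 endpoint. The following script is an added example, not part of the sandbox report, that turns those values into a check you can run against files on disk and against connection logs. The digests and the C2 host:port are copied from this page; the sample bytes and the log lines it processes are constructed here so it runs offline, and the log format (`timestamp src -> dst:port`) is an assumption, not any particular product's schema.

```python
"""Match files and connection logs against the IOCs listed in this report.

Added example; not code from the report or the sandbox. Hash values and the
C2 endpoint come from the page; sample log lines below are constructed.
"""
import hashlib
import re

# Digests listed in the General section of the report.
SAMPLE_HASHES = {
    "md5": "8c9287ef35644cc0b67a4b8000d38ce8",
    "sha1": "b741efa13f0878097bc056b2e3fc431aea4b6c42",
    "sha256": "43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee",
    "sha512": "1f96f848c443bb25981c545f9ece15499761b4b15f920f686694425a1579b16fe"
              "52c45b0975417a4ed117a413babbf9d883b43e378d74e26885f6d710619e400",
}
# C2 from the extracted config.
C2_HOST, C2_PORT = "5.42.65.50", 33080


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {algo: getattr(hashlib, algo)(data).hexdigest() for algo in SAMPLE_HASHES}


def matching_hashes(data: bytes) -> list:
    """Names of the algorithms whose digest of `data` equals the reported value."""
    found = digests(data)
    return [algo for algo, expected in SAMPLE_HASHES.items() if found[algo] == expected]


def file_matches(path: str) -> list:
    """Hash a file on disk and report which of the listed digests it matches."""
    with open(path, "rb") as fh:
        return matching_hashes(fh.read())


# Assumed log layout (constructed for this example): "<ts> <src> -> <dst>:<port>".
LOG_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s*->\s*(?P<dst>[\d.]+):(?P<port>\d+)")


def c2_hits(log_lines) -> list:
    """(timestamp, source) for every line whose destination is the reported C2."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if m and m.group("dst") == C2_HOST and int(m.group("port")) == C2_PORT:
            hits.append((m.group("ts"), m.group("src")))
    return hits


# Constructed log lines, not taken from the report. Two hosts reach the C2 on
# its listed port; a connection to the same IP on another port is not counted.
SAMPLE_LOG = [
    "2024-04-29T14:03:11Z 10.0.0.23:51212 -> 5.42.65.50:33080",
    "2024-04-29T14:03:12Z 10.0.0.23:51213 -> 142.250.74.78:443",
    "2024-04-29T14:05:40Z 10.0.0.45:49877 -> 5.42.65.50:33080",
    "2024-04-29T14:06:02Z 10.0.0.45:49878 -> 5.42.65.50:443",
]

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, file_matches(path) or "no match")
    for ts, src in c2_hits(SAMPLE_LOG):
        print(f"C2 contact at {ts} from {src}")
```

Exact-hash matching only catches this build; a repacked sample will miss on every digest while still talking to the same C2, which is why the network check is kept separate and keyed on host and port rather than host alone.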

Targets

    • Target

      43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee

    • Size

      1.2MB

    • MD5

      8c9287ef35644cc0b67a4b8000d38ce8

    • SHA1

      b741efa13f0878097bc056b2e3fc431aea4b6c42

    • SHA256

      43588266a8cdbb63c3e1660da5ebea1a27e05d73d7d23d2bb9f65a78b913a5ee

    • SHA512

      1f96f848c443bb25981c545f9ece15499761b4b15f920f686694425a1579b16fe52c45b0975417a4ed117a413babbf9d883b43e378d74e26885f6d710619e400

    • SSDEEP

      24576:6OPhASFRmJ211Nx7KPZ4o5tt9H7By/FfXnAe:3RmJ211Nxm9ttxYtfXb

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020. It collects saved browser credentials, cookies, cryptocurrency wallet data and host information and sends them to the C2 given in the extracted config.

    • RedLine payload

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another thread. Loaders use it to point the main thread of a child process created in the suspended state at code they have written into that process (process hollowing), so this signature usually marks the hand-off from the loader to the final payload.
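
A "Suspicious use of SetThreadContext" hit is only meaningful together with the calls around it: a process created suspended, memory written into it, its thread context changed, and the thread resumed. The detection below is an added example, not the sandbox's own signature and not code from this report. It walks an API-call trace and raises one finding per child process that goes through that sequence in order. The trace schema (one dict per call with `pid`, `api` and `args` keys, and argument names such as `child_pid` and `target_pid`) is an assumption invented for this script, and the sample trace is constructed, including its image path.

```python
"""Detect the process-hollowing sequence around SetThreadContext in an API trace.

Added example; not part of the report. The event schema and the sample trace
are constructed for this script; adapt the field names to your sandbox's output.
"""
CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess

CREATE_CALLS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
WRITE_CALLS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
CONTEXT_CALLS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
RESUME_CALLS = {"ResumeThread", "NtResumeThread"}


def find_hollowing(trace):
    """Return a finding for each suspended child that is written to, has its
    thread context set, and is then resumed, in that order."""
    tracked = {}   # child pid -> progress through the sequence
    findings = []
    for ev in trace:
        api, args = ev["api"], ev["args"]
        if api in CREATE_CALLS and args.get("creation_flags", 0) & CREATE_SUSPENDED:
            tracked[args["child_pid"]] = {
                "parent_pid": ev["pid"],
                "image": args.get("image"),
                "written": False,
                "context_set": False,
            }
            continue
        target = args.get("target_pid")
        if target not in tracked:
            continue
        state = tracked[target]
        if api in WRITE_CALLS:
            state["written"] = True
        elif api in CONTEXT_CALLS and state["written"]:
            # Only count a context change that follows a write into the child.
            state["context_set"] = True
        elif api in RESUME_CALLS:
            tracked.pop(target)
            if state["context_set"]:
                findings.append({
                    "parent_pid": state["parent_pid"],
                    "child_pid": target,
                    "image": state["image"],
                    "technique": "process hollowing (suspended create, write, "
                                 "SetThreadContext, resume)",
                })
    return findings


# Constructed trace (not from the report). PID 4120 hollows child 5208; the
# second child, 6001, is created suspended but only resumed, which is benign.
SAMPLE_TRACE = [
    {"pid": 4120, "api": "CreateProcessW",
     "args": {"image": r"C:\constructed\host.exe", "creation_flags": 0x4, "child_pid": 5208}},
    {"pid": 4120, "api": "NtUnmapViewOfSection", "args": {"target_pid": 5208}},
    {"pid": 4120, "api": "WriteProcessMemory",
     "args": {"target_pid": 5208, "size": 0x2a000}},
    {"pid": 4120, "api": "SetThreadContext", "args": {"target_pid": 5208, "tid": 5212}},
    {"pid": 4120, "api": "ResumeThread", "args": {"target_pid": 5208, "tid": 5212}},
    {"pid": 4120, "api": "CreateProcessW",
     "args": {"image": r"C:\constructed\other.exe", "creation_flags": 0x4, "child_pid": 6001}},
    {"pid": 4120, "api": "ResumeThread", "args": {"target_pid": 6001, "tid": 6005}},
]

if __name__ == "__main__":
    for f in find_hollowing(SAMPLE_TRACE):
        print(f"pid {f['parent_pid']} -> pid {f['child_pid']} ({f['image']}): {f['technique']}")
```

The order check matters: a debugger or installer may legitimately create a process suspended and resume it, and some tools call SetThreadContext without ever writing a payload into the target, so the rule fires only when the write precedes the context change and the resume follows both.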

MITRE ATT&CK Enterprise v15

Tasks