Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30

  • Size

    392KB

  • Sample

    240429-eterbshh27

  • MD5

    cd83958d1b60e93f0fbe489787cd5fd3

  • SHA1

    d135b334686ecf313cdf3bdae2f21a7ff332f3b6

  • SHA256

    c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30

  • SHA512

    e20872c6c877968b9ff976f259ed4e8d81086605c769039949c736a203e1d5db0a36642e58e755ab4411ee1576a70fcd337f9d41171efbb6a51cc74778b3d947

  • SSDEEP

    12288:8S9RdssB7MzhCgmdypuJwWasCIQtnSA3zbO:Dsm7MFCfd0HWBMjbO

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.68:29093

Targets

    • Target

      c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30

    • Size

      392KB

    • MD5

      cd83958d1b60e93f0fbe489787cd5fd3

    • SHA1

      d135b334686ecf313cdf3bdae2f21a7ff332f3b6

    • SHA256

      c3cff5741919b145dc55c678febd01b98d0f9f491b8384ad0fcbdfe38826bd30

    • SHA512

      e20872c6c877968b9ff976f259ed4e8d81086605c769039949c736a203e1d5db0a36642e58e755ab4411ee1576a70fcd337f9d41171efbb6a51cc74778b3d947

    • SSDEEP

      12288:8S9RdssB7MzhCgmdypuJwWasCIQtnSA3zbO:Dsm7MFCfd0HWBMjbO

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks