General
Target: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
Size: 336KB
Sample: 240429-fep47aaf99
MD5: 9aa0e1cb84eaa0bf8e0c69154b797261
SHA1: fec3447e88cc504eb088a2c7e3f7a493e339aa1e
SHA256: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
SHA512: 4856fa4b27b22f539a4e8f2d68460954a265578e3c5eeb7836e35bda8488091d52114349d9a131fec5fd04e5c4ad7a420a5b1ac58253467ce7eeb36220098019
SSDEEP: 6144:ycPfB2bf33rP/bWR/3gM/wniJGlXQukamPRiUx8pT76T7Qn48n:DZ2bvbP/b43R43lZkvRijg7Qnp
Static task: static1
Behavioral task: behavioral1
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54.exe
  Resource: win10-20240404-en
Malware Config
Extracted: redline
  LogsDiller Cloud (TG: @logsdillabot)
  5.42.65.0:29587
Targets
Target: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
Size: 336KB
MD5: 9aa0e1cb84eaa0bf8e0c69154b797261
SHA1: fec3447e88cc504eb088a2c7e3f7a493e339aa1e
SHA256: b72dd501577e9c1a22f9f5cee67e253353c1e1691fd981db7ee188f8c03d8c54
SHA512: 4856fa4b27b22f539a4e8f2d68460954a265578e3c5eeb7836e35bda8488091d52114349d9a131fec5fd04e5c4ad7a420a5b1ac58253467ce7eeb36220098019
SSDEEP: 6144:ycPfB2bf33rP/bWR/3gM/wniJGlXQukamPRiUx8pT76T7Qn48n:DZ2bvbP/b43R43lZkvRijg7Qnp
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext