General

  • Target

    f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67

  • Size

    342KB

  • Sample

    240429-feskbaag27

  • MD5

    c813ab1235cc9880b05c865da8f0ebae

  • SHA1

    8cde3afb841711bb299066d8e8d1ff750de5de41

  • SHA256

    f73a31c7e19e74128d45775a82f8df09150bcaef5bf3c98e2c29a2b90c275a67

  • SHA512

    b3ab59bc5656580bc116905f69e34c8f2ad8424082074e5d69083f77521f2f6a44b1e8100a41e4b9cf1843a012911287b4a766f9de8d2d4ea12912af2babfcfc

  • SSDEEP

    6144:Hh90JBso1v0l3PEAHRq6MfYKzx8iq3UcmRq1Dt1j5RzSLs:XgRd09E5tx23UcUqlj3uLs

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    5.42.65.0:29587

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks