General
Target: 052f4b87994b5aee20f9d69ef631c9648f6b90524575be78cba9a0bd17228050.exe
Size: 467KB
Sample: 240501-bdb4qadh48
MD5: 775af421a2e7cc4d2cdb81142168f9c8
SHA1: 502514f61d9411039839d35f2888dce15ced2962
SHA256: 052f4b87994b5aee20f9d69ef631c9648f6b90524575be78cba9a0bd17228050
SHA512: d592d66b15551040c332bf6d359cf591940c36b0c4ed3e83171bdc228e3f66364ee06e7e92e706977d29299200eb4d36db83616edec3853f300aaf02dc2dade3
SSDEEP: 12288:kx2+JCy0qUNFqoAmy0MumPyX1PEtFw8IK/X0JRmvrm:kx2H7JdaumKXTIOQj

Static task
static1

Behavioral task
behavioral1
Sample: 052f4b87994b5aee20f9d69ef631c9648f6b90524575be78cba9a0bd17228050.exe
Resource: win7-20240221-en

Behavioral task
behavioral2
Sample: 052f4b87994b5aee20f9d69ef631c9648f6b90524575be78cba9a0bd17228050.exe
Resource: win10v2004-20240419-en

Malware Config
Extracted
Family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 5.42.65.96:28380

Targets
Target: 052f4b87994b5aee20f9d69ef631c9648f6b90524575be78cba9a0bd17228050.exe (hashes as in General above)

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext