General
Target: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907
Size: 1.8MB
Sample: 240502-g2bezsdc94
MD5: d234d90cef07b0500c3c8003b9599448
SHA1: 5d31cc4529ffdbee5251ea9772e6ac98d5ee4f30
SHA256: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907
SHA512: 8bb7edbe8a416d211f75c856d2efecbc582ca8dbde54bb4397b250073c19aa6aa62f39bebfda9cbafbb16534142832dec381a4b24bdc53e8617b978a74bf2c7f
SSDEEP: 24576:2j4XqbZVk1s19CWLELdWZ/RT6a9Dhvh9Kg1PW3Ry:h1s19COZpT6a3vag1
Static task: static1
Behavioral task: behavioral1
Sample: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907.exe
Resource: win10-20240404-en
Malware Config
Extracted family: redline
Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
C2: 51.255.152.132:36011
Targets
Target: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907
Size: 1.8MB
MD5: d234d90cef07b0500c3c8003b9599448
SHA1: 5d31cc4529ffdbee5251ea9772e6ac98d5ee4f30
SHA256: e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907
SHA512: 8bb7edbe8a416d211f75c856d2efecbc582ca8dbde54bb4397b250073c19aa6aa62f39bebfda9cbafbb16534142832dec381a4b24bdc53e8617b978a74bf2c7f
SSDEEP: 24576:2j4XqbZVk1s19CWLELdWZ/RT6a9Dhvh9Kg1PW3Ry:h1s19COZpT6a3vag1
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext