Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907

  • Size

    1.8MB

  • Sample

    240502-g2bezsdc94

  • MD5

    d234d90cef07b0500c3c8003b9599448

  • SHA1

    5d31cc4529ffdbee5251ea9772e6ac98d5ee4f30

  • SHA256

    e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907

  • SHA512

    8bb7edbe8a416d211f75c856d2efecbc582ca8dbde54bb4397b250073c19aa6aa62f39bebfda9cbafbb16534142832dec381a4b24bdc53e8617b978a74bf2c7f

  • SSDEEP

    24576:2j4XqbZVk1s19CWLELdWZ/RT6a9Dhvh9Kg1PW3Ry:h1s19COZpT6a3vag1

Score
10/10
redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

51.255.152.132:36011

Targets

    • Target

      e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907

    • Size

      1.8MB

    • MD5

      d234d90cef07b0500c3c8003b9599448

    • SHA1

      5d31cc4529ffdbee5251ea9772e6ac98d5ee4f30

    • SHA256

      e668eed8b46eb6cb1b1ed9251661e2ad1a15af6c3073af38857c4ea2edfe8907

    • SHA512

      8bb7edbe8a416d211f75c856d2efecbc582ca8dbde54bb4397b250073c19aa6aa62f39bebfda9cbafbb16534142832dec381a4b24bdc53e8617b978a74bf2c7f

    • SSDEEP

      24576:2j4XqbZVk1s19CWLELdWZ/RT6a9Dhvh9Kg1PW3Ry:h1s19COZpT6a3vag1

    Score
    10/10
    redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks