Overview

overview

10

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940

  • Size

    798KB

  • Sample

    240502-glpyfaaf2z

  • MD5

    8ddb35a58ac6c397b91541620a493008

  • SHA1

    9ec14d44f66cb874f96b42d3376776304e279334

  • SHA256

    525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940

  • SHA512

    a0c1c4c41fd6107a2808876ed7ad2ab0d1d54b102af2a49509518d7b7d37ea6b6e5c069bac330f28baa09b5031a164e061787a7cc90a6ac0de384b72ed6fdaf1

  • SSDEEP

    12288:vlaZgr31TIkkJxauYuRWdSA6t3FzhC1K1C:vzBTbk9t3eQ1C

Score
10/10
redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

194.49.94.40:21348

Targets

    • Target

      525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940

    • Size

      798KB

    • MD5

      8ddb35a58ac6c397b91541620a493008

    • SHA1

      9ec14d44f66cb874f96b42d3376776304e279334

    • SHA256

      525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940

    • SHA512

      a0c1c4c41fd6107a2808876ed7ad2ab0d1d54b102af2a49509518d7b7d37ea6b6e5c069bac330f28baa09b5031a164e061787a7cc90a6ac0de384b72ed6fdaf1

    • SSDEEP

      12288:vlaZgr31TIkkJxauYuRWdSA6t3FzhC1K1C:vzBTbk9t3eQ1C

    Score
    10/10
    redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks