General

Target: 525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940
Size: 798KB
Sample: 240502-glpyfaaf2z
MD5: 8ddb35a58ac6c397b91541620a493008
SHA1: 9ec14d44f66cb874f96b42d3376776304e279334
SHA256: 525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940
SHA512: a0c1c4c41fd6107a2808876ed7ad2ab0d1d54b102af2a49509518d7b7d37ea6b6e5c069bac330f28baa09b5031a164e061787a7cc90a6ac0de384b72ed6fdaf1
SSDEEP: 12288:vlaZgr31TIkkJxauYuRWdSA6t3FzhC1K1C:vzBTbk9t3eQ1C
Static task: static1

Behavioral task: behavioral1
  Sample: 525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940.exe
  Resource: win7-20240221-en

Behavioral task: behavioral2
  Sample: 525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940.exe
  Resource: win10-20240404-en
Malware Config

Extracted configuration (family: redline)
  Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  C2: 194.49.94.40:21348

The C2 is a bare ip:port pair, as is usual for RedLine builds; the botnet string is the operator's own label and is useful for clustering samples, not as a network indicator.
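As an added example (not part of the sandbox report and not tooling from the report's author), the following script turns the extracted configuration and file hashes above into indicators and runs them over a few constructed log lines. The log format (timestamp, src ip:port, dst ip:port, protocol) and the helper names are assumptions; the C2 value, botnet label and hashes are copied from the report.

```python
"""Added example: consume the RedLine config and hashes from the report above.

The indicators are from the report; the log format and sample lines below are
constructed for the example and are not from the sandbox run.
"""
import hashlib
import ipaddress
import re
from dataclasses import dataclass

# Indicators copied from the report.
REDLINE_C2 = "194.49.94.40:21348"
REDLINE_BOTNET = "LogsDiller Cloud (Telegram: @logsdillabot)"
SAMPLE_HASHES = {
    "md5": "8ddb35a58ac6c397b91541620a493008",
    "sha1": "9ec14d44f66cb874f96b42d3376776304e279334",
    "sha256": "525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940",
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int


def parse_c2(value: str) -> C2Endpoint:
    """Parse a RedLine 'ip:port' C2 string.

    Config extractors occasionally emit hostnames or truncated strings, so the
    value is validated as a literal IP address with a sane port before it is
    turned into a detection rule.
    """
    host, sep, port = value.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 value: {value!r}")
    ip = ipaddress.ip_address(host.strip("[]"))
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"bad port in C2 value: {value!r}")
    return C2Endpoint(str(ip), port_num)


# Constructed firewall-style log lines (assumed format:
# "<ts> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>").
SAMPLE_LOGS = """\
2024-05-02T10:01:03Z 10.0.0.15:51234 -> 142.250.74.78:443 tcp
2024-05-02T10:01:09Z 10.0.0.15:51240 -> 194.49.94.40:21348 tcp
2024-05-02T10:01:11Z 10.0.0.22:51300 -> 194.49.94.40:80 tcp
2024-05-02T10:02:45Z 10.0.0.15:51250 -> 194.49.94.40:21348 tcp
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+)$"
)


def find_c2_hits(log_text: str, c2: C2Endpoint) -> list[dict]:
    """Return parsed log records whose destination matches the C2 ip AND port.

    The port is matched on purpose: RedLine panels often sit on shared hosting
    IPs, so an IP-only rule over-alerts (the :80 line above is left alone).
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and m["dst"] == c2.ip and int(m["dport"]) == c2.port:
            hits.append(m.groupdict())
    return hits


def file_matches_sample(data: bytes) -> dict[str, bool]:
    """Compare a file's digests with the report's hashes, per algorithm, so a
    single mismatching digest (for example a typo in a shared IOC feed) is
    visible rather than silently collapsing into 'no match'."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return {alg: digests[alg] == SAMPLE_HASHES[alg] for alg in SAMPLE_HASHES}


if __name__ == "__main__":
    c2 = parse_c2(REDLINE_C2)
    for hit in find_c2_hits(SAMPLE_LOGS, c2):
        print(f"RedLine C2 hit ({REDLINE_BOTNET}): {hit['ts']} "
              f"{hit['src']} -> {hit['dst']}:{hit['dport']}")
    print(file_matches_sample(b"not the sample"))
```

Run as-is it flags the two connections to 194.49.94.40:21348 and ignores the one to port 80; `file_matches_sample` is meant to be fed the bytes of a file pulled from an endpoint, and reports False for every algorithm on anything other than this sample.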
Targets

Target: 525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940
Size: 798KB (MD5, SHA1, SHA256, SHA512 and SSDEEP are as listed under General)
- RedLine
  RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. The extracted configuration above (botnet label and C2 ip:port) is what ties this sample to the family.
- RedLine payload
  The RedLine stealer payload itself was identified in the sample, not merely a loader for it.
- Suspicious use of SetThreadContext
  Rewriting another thread's register state with SetThreadContext is the hallmark of process hollowing and thread-hijack injection: a target process is created suspended, the payload is written into it, the thread's context is pointed at the new entry point, and the thread is resumed. On its own this is a behavioural heuristic rather than proof of injection; corroborate it with the process tree and the memory dumps from the behavioural tasks before treating the injected process as the stealer.