General
Target: 9beecd87678c6e4a2b9b67bbc4dd6d19bdf6f57979e8767a078d9b1c92261ecf
Size: 390KB
Sample: 240502-gr9j2ada53
MD5: d3380e6a63a09aaf0c92bc4b4f76f066
SHA1: bc7ce96851e662212c7c054d9f91cd69c3900763
SHA256: 9beecd87678c6e4a2b9b67bbc4dd6d19bdf6f57979e8767a078d9b1c92261ecf
SHA512: 1121e2c867480ac6b4353dac35d77ee6241e866ddcc7fee5e95b44cdbfa7c6ffb604e6ec8eaf82798ee594557c1e96e288b89b50d553b8743f0d03a02c1d4570
SSDEEP: 6144:kHXFo/N5ExgFbNOUAHEHIXbLvZAOZ39Vz0nW2kRu1THo1vxOaSVs0BC+:YwDExgFY5vxLn0WhxOaqs0BC+
Static task: static1
Behavioral task: behavioral1
  Sample: 9beecd87678c6e4a2b9b67bbc4dd6d19bdf6f57979e8767a078d9b1c92261ecf.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 9beecd87678c6e4a2b9b67bbc4dd6d19bdf6f57979e8767a078d9b1c92261ecf.exe
  Resource: win10-20240404-en
Malware Config
Extracted: redline
Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
C2: 146.59.10.173:45035
auth_value: c2955ed3813a798683a185a82e949f88
Targets
Target: 9beecd87678c6e4a2b9b67bbc4dd6d19bdf6f57979e8767a078d9b1c92261ecf (390KB; hashes as listed under General)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext