General

  • Target

    fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a

  • Size

    1.0MB

  • Sample

    240502-hf6vfabf2v

  • MD5

    dcf3f3fc8f343ad3e227920b2bac878f

  • SHA1

    afc6dbcb61238a4fcfeaa9286c564c753e24c3dd

  • SHA256

    fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a

  • SHA512

    836c56892241c5a8cdd4db5a99ab9d69d8576f7dd5fe34c0392fd1f509d2a2e1266c6a6ed50c5903d1abe485857e17455a638d67420aea66d27cfdc140e11dbe

  • SSDEEP

    12288:G+cAof/Al6pkpsDBk4RVExAYk/fFDolZ7l4UduHyvz1a17J/9:Gxu6pkpsDBk4RVX/hMEUa99

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

146.59.10.173:45035

Attributes
  • auth_value

    c2955ed3813a798683a185a82e949f88
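As an added example (not part of the report and not RedLine's own code), the Python below turns the extracted configuration into checks a responder can run offline: hashing a suspect file against the report's digests, scanning Zeek-conn-style connection records for traffic to the listed C2, and emitting a Suricata rule for it. The hash and C2 values are copied from the report; the log excerpt, the internal host addresses and the rule sid are constructed assumptions.

```python
"""Checks derived from the RedLine config extracted above.

Indicator values are copied from the report; everything else (log lines,
internal hosts, rule sid) is constructed for this example.
"""
import hashlib
import ipaddress

# Indicators taken from the report above. Only these values are real.
REPORT_IOCS = {
    "md5": "dcf3f3fc8f343ad3e227920b2bac878f",
    "sha1": "afc6dbcb61238a4fcfeaa9286c564c753e24c3dd",
    "sha256": "fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a",
    "c2_ip": "146.59.10.173",
    "c2_port": 45035,
}


def file_digests(data: bytes) -> dict:
    """Compute the three digests the report lists for a file's bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def matches_report(data: bytes) -> bool:
    """True only when all three digests agree with the report. Requiring the
    SHA256 means an MD5 or SHA1 collision alone cannot produce a false match."""
    d = file_digests(data)
    return all(d[alg] == REPORT_IOCS[alg] for alg in ("md5", "sha1", "sha256"))


def parse_conn_line(line: str):
    """Parse one constructed Zeek-conn-style record (tab-separated):
    ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
    Returns None for comments, blank lines and malformed records."""
    if not line.strip() or line.startswith("#"):
        return None
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    try:
        return {
            "ts": float(fields[0]),
            "uid": fields[1],
            "orig_h": str(ipaddress.ip_address(fields[2])),
            "orig_p": int(fields[3]),
            "resp_h": str(ipaddress.ip_address(fields[4])),
            "resp_p": int(fields[5]),
            "proto": fields[6],
        }
    except ValueError:
        return None


def find_c2_hits(log_text: str) -> list:
    """Return every connection to the C2 host. port_match records whether the
    destination port is the configured one; a hit on another port still
    deserves a look, since operators move ports between builds."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_conn_line(line)
        if rec and rec["resp_h"] == REPORT_IOCS["c2_ip"]:
            rec["port_match"] = rec["resp_p"] == REPORT_IOCS["c2_port"]
            hits.append(rec)
    return hits


def suricata_rule(sid: int = 1000001) -> str:
    """Emit an outbound-to-C2 rule. The sid is an assumed local value."""
    return (
        f'alert tcp $HOME_NET any -> {REPORT_IOCS["c2_ip"]} {REPORT_IOCS["c2_port"]} '
        f'(msg:"RedLine C2 (LogsDiller Cloud) outbound"; flow:to_server; '
        f'sid:{sid}; rev:1;)'
    )


# Constructed conn.log excerpt: two hosts talk to the C2 address, one on the
# configured port and one on port 80; the other records are benign filler.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1714638000.123\tCk1\t10.0.0.5\t51234\t146.59.10.173\t45035\ttcp
1714638001.456\tCk2\t10.0.0.7\t51235\t198.51.100.20\t443\ttcp
1714638002.789\tCk3\t10.0.0.9\t51236\t146.59.10.173\t80\ttcp
1714638003.000\tCk4\t10.0.0.5\t51237\t192.0.2.53\t53\tudp
"""

if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_CONN_LOG):
        print(f'{hit["orig_h"]} -> {hit["resp_h"]}:{hit["resp_p"]} port_match={hit["port_match"]}')
    print(suricata_rule())
```

Run against a real Zeek conn.log by reading the file into `find_c2_hits`; the field order above matches the default conn.log columns, so only the header handling may need adjusting for other layouts.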

Targets

    • Target

      fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
