General
-
Target
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a
-
Size
1.0MB
-
Sample
240502-hf6vfabf2v
-
MD5
dcf3f3fc8f343ad3e227920b2bac878f
-
SHA1
afc6dbcb61238a4fcfeaa9286c564c753e24c3dd
-
SHA256
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a
-
SHA512
836c56892241c5a8cdd4db5a99ab9d69d8576f7dd5fe34c0392fd1f509d2a2e1266c6a6ed50c5903d1abe485857e17455a638d67420aea66d27cfdc140e11dbe
-
SSDEEP
12288:G+cAof/Al6pkpsDBk4RVExAYk/fFDolZ7l4UduHyvz1a17J/9:Gxu6pkpsDBk4RVX/hMEUa99
Static task
static1
Behavioral task
behavioral1
Sample
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a.exe
Resource
win10-20240404-en
Malware Config
Extracted
redline
LogsDiller Cloud (Telegram: @logsdillabot)
146.59.10.173:45035
-
auth_value
c2955ed3813a798683a185a82e949f88
Targets
-
-
Target
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a
-
Size
1.0MB
-
MD5
dcf3f3fc8f343ad3e227920b2bac878f
-
SHA1
afc6dbcb61238a4fcfeaa9286c564c753e24c3dd
-
SHA256
fddcafd336efceb3bcf8b3d5a3fef339f51601f1bfdfb38b367211a5f5bac00a
-
SHA512
836c56892241c5a8cdd4db5a99ab9d69d8576f7dd5fe34c0392fd1f509d2a2e1266c6a6ed50c5903d1abe485857e17455a638d67420aea66d27cfdc140e11dbe
-
SSDEEP
12288:G+cAof/Al6pkpsDBk4RVExAYk/fFDolZ7l4UduHyvz1a17J/9:Gxu6pkpsDBk4RVX/hMEUa99
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-