General
Target: 9b3689a34c9c5d13c5edd650ee28c36a.bin
Size: 316KB
Sample: 240509-dl7ayafb41
MD5: 60859d589177e63415ab810049376e4e
SHA1: 0545e016da3f27ff4dd3fdb78907be39d64018b5
SHA256: b5c7fea7703c48ed100678082c27973b21cc0967c8fa50a73d62bf09213ef014
SHA512: a914549128c41c1fcfdfeacd4dd88ee0b9de4784262438c75e93fec953857c2d9ef7d1d8c32f12a5f0ac210204dafcdb1868c7010b1bdb3f67b98e55279eea2f
SSDEEP: 6144:91v8xV3eiPm78AZd5WvGdRR2FCg0F47i+YAk8g7NCby:91v8xVukAxWvGdR4QgjhgRCby
Static task: static1
Behavioral task: behavioral1
  Sample: 21003af880e681549de538ba191670cac43d8430ccf7ab11a8e164f18a3cc8b8.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 21003af880e681549de538ba191670cac43d8430ccf7ab11a8e164f18a3cc8b8.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted: redline
  LogsDiller Cloud (TG: @logsdillabot)
  5.42.65.96:28380
Targets
Target: 21003af880e681549de538ba191670cac43d8430ccf7ab11a8e164f18a3cc8b8.exe
Size: 322KB
MD5: 9b3689a34c9c5d13c5edd650ee28c36a
SHA1: c74bc3e35030ea98bb87221f5f5ad882b537d146
SHA256: 21003af880e681549de538ba191670cac43d8430ccf7ab11a8e164f18a3cc8b8
SHA512: 28c697aeaa0772f505921d0a373fb663f72f6bd056d9f2fc91a0d7d8ba93c47ad3e956be502316f20ca9f0bc251254b4b85cb529e4ea6e727091b5e9479b9eb3
SSDEEP: 6144:urWjANCz3eSNnGKx/ykVyrcowPkN0rx6lYMfz9I9pkGZP+5nuQggu23kp:QWcN6X1GNwr8NkQlvrC9pkGdInZZu7
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext