General
Target: 98b6ec64d37efa2d1b82037c9cd2c51e.bin
Size: 415KB
Sample: 240509-dlynssaa28
MD5: ba624b4677bb99270e768a828eb947e6
SHA1: c7051c866ac47fcebd2c97f7cd62ff4bb8218d45
SHA256: 664b12e8b4c17cfa0b1a006db395f759c1226fb5b8dcfe4663258531c37ad3e4
SHA512: dd5e4bcce7b44c6485b5aced091e0785d60bf6d8384671cc1881f786535b99b64a64f96dbcc1174d67de46579246c384f2170dfbfbfa8ecd806f7a6841523172
SSDEEP: 12288:Q6kISnzV0NTXaKEv/+UxB1iuwQfljc+MT9:R7SzVCGEUn1rxljc+q9
Static task: static1
Behavioral task: behavioral1
  Sample: cedb8fc0a286ec44b5d3451f06ee954c1c8cca943981e6f5223bf6916af0fb3b.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: cedb8fc0a286ec44b5d3451f06ee954c1c8cca943981e6f5223bf6916af0fb3b.exe
  Resource: win10v2004-20240426-en
Malware Config
Extracted: redline
  LogsDiller Cloud (TG: @logsdillabot)
  5.42.65.96:28380
Targets
Target: cedb8fc0a286ec44b5d3451f06ee954c1c8cca943981e6f5223bf6916af0fb3b.exe
Size: 509KB
MD5: 98b6ec64d37efa2d1b82037c9cd2c51e
SHA1: 2bd96489914570b2fe8f5b652166ae2584b8f203
SHA256: cedb8fc0a286ec44b5d3451f06ee954c1c8cca943981e6f5223bf6916af0fb3b
SHA512: 87c747ca7377cdd18dd0ace74472950946000b9ef62b279ce41daf040a200893c70ea8e476881542e05a72a89a151d4f7755913a2521f431d2fb79951e57f9d7
SSDEEP: 12288:nW+60nbnuhQJmv0nBRMGJsk7RRFbo2jnqHS:nWV0n4v0n7MGJX3K8c

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload
Suspicious use of SetThreadContext