General

Target: 745855de030383ed6bde8546fc7aae4754dbe671b72afc8b9f9578d07a005619.dll
Size: 403KB
Sample: 240527-bh2j6sbg57
MD5: 503eafcc0a91ba3ffeb5fa181c93a011
SHA1: 010a01a6249804b23ff511298a6161ec47a1390b
SHA256: 745855de030383ed6bde8546fc7aae4754dbe671b72afc8b9f9578d07a005619
SHA512: 4f986408efa996b2b99ea71cd24600cac1380480ca15b3589208efeb02e683ae7c0e0c1103e94e1d508448b3ffcc10a34e638309a8e883b9127797683fe228ae
SSDEEP: 6144:TLD2SO9wTMZ8Aj3BcAVETHK1Kq2PUZVqhb81289V4gdl++z9:TLD2sA3WrVUZVd1rV93z9
Static task: static1

Behavioral task: behavioral1
Sample: 745855de030383ed6bde8546fc7aae4754dbe671b72afc8b9f9578d07a005619.dll
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 745855de030383ed6bde8546fc7aae4754dbe671b72afc8b9f9578d07a005619.dll
Resource: win10v2004-20240508-en
Malware Config

Extracted: redline
LogsDiller Cloud (Telegram: @logsdillabot)
5.42.65.115:40551
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext