Overview

overview

10

Static

static

3

7090723b58...46.exe

windows7-x64

10

7090723b58...46.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    004baadff1a627a2f86e6a8345233037.bin

  • Size

    2.7MB

  • Sample

    240531-bcpy7ahh99

  • MD5

    155dcf59e9e5757179ce7c3ef46a8afc

  • SHA1

    824155200409fe153f2c65d18c785a3b70783b88

  • SHA256

    916e4e621e29194977ebba97aa8477b761aab0a15981dab967b20d4f6475bf6f

  • SHA512

    3ab9a6cb87e0aeff3041d1dc795f31f932f9ff104ab224f4af881034a5dfefa950a18f6c5509367c4d1f8e3301689640fddf853430cd4579a020f647fc4e4b48

  • SSDEEP

    49152:n4pWR6oIiFF0HqQwVBynYjapcgIMy2qUAw2mHED2IV3oy9QV+HaZ3X9JF5J5aZrR:4p6/QmapcgjNl/+RZz4j5GN

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)infostealerspyware

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.129:2353

Targets

    • Target

      7090723b5821d015e801d537ad745b7de3046ade870b4fd7a3ee8a5ad7d16a46.exe

    • Size

      5.0MB

    • MD5

      004baadff1a627a2f86e6a8345233037

    • SHA1

      9447e67628b6e61adf1f21ad4169481b822d54fe

    • SHA256

      7090723b5821d015e801d537ad745b7de3046ade870b4fd7a3ee8a5ad7d16a46

    • SHA512

      20b437eab89aaccba30c687b254a2ab3834cd78f774b794cf54ac6cae33f3c95a7a793a3f87beb20968e31b23cff711ceab5a6cd1923875380e53512fb9c581e

    • SSDEEP

      98304:a3Txn5/Y05WHbdPn+eT4Om2pZ90XYis5VfIcm:azg05WHbdmPeZ90XYis5V0

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)infostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks