Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f1b8332cb1131e1e6d8bb133579c2474d7f3ff73e520b31a0bc71f67241a4013

  • Size

    3.7MB

  • Sample

    240627-3h1res1crj

  • MD5

    851540a8a61d4606a6e7df206c7211e6

  • SHA1

    1694c00781c85ee4aff42dcf67ad3752daa80c35

  • SHA256

    f1b8332cb1131e1e6d8bb133579c2474d7f3ff73e520b31a0bc71f67241a4013

  • SHA512

    03bfcf302bda2a73bf19baf45d6e6d726fc78b87b1b3eb37f9d5f2d28b3b039ee1f5e0d75bdd6d80f8b3e549125314ee4fe896671f667e52aab638aa2338d609

  • SSDEEP

    49152:W8rXn233KExXMbs5rseJy58Y8bWftef4R0Upyw+dr9TbaM9a6NLVxx6v57H2H8Ux:Wt3Ke/5Ieri/R3MTbaM9VNx6h7W1A

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.92:27953

Targets

    • Target

      f1b8332cb1131e1e6d8bb133579c2474d7f3ff73e520b31a0bc71f67241a4013

    • Size

      3.7MB

    • MD5

      851540a8a61d4606a6e7df206c7211e6

    • SHA1

      1694c00781c85ee4aff42dcf67ad3752daa80c35

    • SHA256

      f1b8332cb1131e1e6d8bb133579c2474d7f3ff73e520b31a0bc71f67241a4013

    • SHA512

      03bfcf302bda2a73bf19baf45d6e6d726fc78b87b1b3eb37f9d5f2d28b3b039ee1f5e0d75bdd6d80f8b3e549125314ee4fe896671f667e52aab638aa2338d609

    • SSDEEP

      49152:W8rXn233KExXMbs5rseJy58Y8bWftef4R0Upyw+dr9TbaM9a6NLVxx6v57H2H8Ux:Wt3Ke/5Ieri/R3MTbaM9VNx6h7W1A

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks