redline | f7e4677e3b3ef407b46b797cd1f6ceeb5e270bdfef24a564ebcc95153cf863e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7e4677e3b3ef407b46b797cd1f6ceeb5e270bdfef24a564ebcc95153cf863e9
Size

4.5MB
Sample

240808-2red4svhnb
MD5

63f9882f056722b75da5e19a4a3d8b88
SHA1

c2e3569e82ceacacf67d97e8962f0281dd74af1f
SHA256

f7e4677e3b3ef407b46b797cd1f6ceeb5e270bdfef24a564ebcc95153cf863e9
SHA512

163a0c82f4c92916b6e33564578f48ef6fbfffd4b95097d303dacdaf277b29c5356bac8dc8a47516298512d09f381e621f4b577871b04b7c340e028af7ef9e22
SSDEEP

49152:X2hIcHZ0FYoU453YCrcPRAVr+dvcb04zrTnZd0SGZOOPPixOXPC1/p4SwN:X2hzHZoYCrcPRs+FcXzrrTOPPiQQ4SwN

Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

147.45.44.56:18168

Targets

- Target
  
  f7e4677e3b3ef407b46b797cd1f6ceeb5e270bdfef24a564ebcc95153cf863e9
- Size
  
  4.5MB
- MD5
  
  63f9882f056722b75da5e19a4a3d8b88
- SHA1
  
  c2e3569e82ceacacf67d97e8962f0281dd74af1f
- SHA256
  
  f7e4677e3b3ef407b46b797cd1f6ceeb5e270bdfef24a564ebcc95153cf863e9
- SHA512
  
  163a0c82f4c92916b6e33564578f48ef6fbfffd4b95097d303dacdaf277b29c5356bac8dc8a47516298512d09f381e621f4b577871b04b7c340e028af7ef9e22
- SSDEEP
  
  49152:X2hIcHZ0FYoU453YCrcPRAVr+dvcb04zrTnZd0SGZOOPPixOXPC1/p4SwN:X2hzHZoYCrcPRs+FcXzrrTOPPiQQ4SwN
Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

behavioral2

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer