Overview

overview

10

Static

static

1

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0e0c0490ffc84c7495c29f2cd0e302e982efc377764f22b57f0acbf637b93630

  • Size

    932KB

  • Sample

    240810-vhyytssglh

  • MD5

    4587aa68e93674b5d4e35fff967b72b0

  • SHA1

    30e7f586ce5cf8a53241e8270d8ee0cb314bc68a

  • SHA256

    0e0c0490ffc84c7495c29f2cd0e302e982efc377764f22b57f0acbf637b93630

  • SHA512

    72a2a8d96133b643c29ef068aadfb2d854c8ba7f01e2f722f0d9fcf133103de9708ab0ffcde89121b3e3189a95d4721f4ca93620efbbc0b81e9a068043fcf324

  • SSDEEP

    24576:F3dQC5oKB7j2xKR13XYpAaZq39jImMqKcXwm8j/jwt:FBoKB7j2xK1sZq3hImMqKI

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

147.45.44.139:21028

Targets

    • Target

      0e0c0490ffc84c7495c29f2cd0e302e982efc377764f22b57f0acbf637b93630

    • Size

      932KB

    • MD5

      4587aa68e93674b5d4e35fff967b72b0

    • SHA1

      30e7f586ce5cf8a53241e8270d8ee0cb314bc68a

    • SHA256

      0e0c0490ffc84c7495c29f2cd0e302e982efc377764f22b57f0acbf637b93630

    • SHA512

      72a2a8d96133b643c29ef068aadfb2d854c8ba7f01e2f722f0d9fcf133103de9708ab0ffcde89121b3e3189a95d4721f4ca93620efbbc0b81e9a068043fcf324

    • SSDEEP

      24576:F3dQC5oKB7j2xKR13XYpAaZq39jImMqKcXwm8j/jwt:FBoKB7j2xK1sZq3hImMqKI

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks