General
Target: 66bd012162049_crypted.exe
Size: 373KB
Sample: 240828-1hr36syhrl
MD5: 2b503d87bce8e2b33a70533884bd0e6d
SHA1: 53e38b2ad2a2f1f679831fbf27cdceb70f23c0d5
SHA256: c281796c069afc8bfaaa8d4b87ab31629c35fe1a1c7baf43807c5f0e223fa38f
SHA512: 7d520e42bec49c1ac9b7d020c4ea5667cea580659d9e18acca2f603be35fa1685f1a9930f078805e7bce46a2bf662e4cabdb484e072475077f6fedbd366a8f14
SSDEEP: 6144:38pOlFiWBhEhhhKNRUS7mrem0vAklPLM0FEucF2/BP34cdxYY+62sAukkFSEO:38qFDYhh07F7pm0fPwcEbkZ/46Yqwuyt
Static task: static1
Behavioral task: behavioral1
  Sample: 66bd012162049_crypted.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 66bd012162049_crypted.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
147.45.47.36:14537
Targets
Target: 66bd012162049_crypted.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext