General

  • Target

    66bd012162049_crypted.exe

  • Size

    373KB

  • Sample

    240828-1hr36syhrl

  • MD5

    2b503d87bce8e2b33a70533884bd0e6d

  • SHA1

    53e38b2ad2a2f1f679831fbf27cdceb70f23c0d5

  • SHA256

    c281796c069afc8bfaaa8d4b87ab31629c35fe1a1c7baf43807c5f0e223fa38f

  • SHA512

    7d520e42bec49c1ac9b7d020c4ea5667cea580659d9e18acca2f603be35fa1685f1a9930f078805e7bce46a2bf662e4cabdb484e072475077f6fedbd366a8f14

  • SSDEEP

    6144:38pOlFiWBhEhhhKNRUS7mrem0vAklPLM0FEucF2/BP34cdxYY+62sAukkFSEO:38qFDYhh07F7pm0fPwcEbkZ/46Yqwuyt

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    147.45.47.36:14537
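A small triage script for the indicators above, added here as an example and not part of the sandbox report: it recomputes the four digests the report lists for a candidate file and compares them against the reported values, parses the C2 string, scans Zeek conn.log-style text for flows to the C2 (strictly on IP and port, or loosely on IP alone), and emits a Suricata rule for the C2. The conn.log lines, the rule's sid and msg text, and the function names are constructed for this example; ssdeep is left out because it needs a third-party library.

```python
"""Triage helpers for the sandbox report above (added example, not report code):
verify a file against the reported hashes and hunt for the extracted C2."""
import hashlib
import ipaddress
import sys
from typing import Dict, List, Tuple

# IOCs copied from the report's General and Malware Config sections.
REPORTED_HASHES = {
    "md5": "2b503d87bce8e2b33a70533884bd0e6d",
    "sha1": "53e38b2ad2a2f1f679831fbf27cdceb70f23c0d5",
    "sha256": "c281796c069afc8bfaaa8d4b87ab31629c35fe1a1c7baf43807c5f0e223fa38f",
    "sha512": "7d520e42bec49c1ac9b7d020c4ea5667cea580659d9e18acca2f603be35fa1685f1a9930f078805e7bce46a2bf662e4cabdb484e072475077f6fedbd366a8f14",
}
REPORTED_C2 = "147.45.47.36:14537"

# Constructed Zeek conn.log excerpt (not real traffic): one flow to the C2 on the
# reported port, one unrelated HTTPS flow, one flow to the C2 address on another port.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1724800001.100000\tCabc1\t10.0.0.23\t49811\t147.45.47.36\t14537\ttcp\n"
    "1724800002.300000\tCabc2\t10.0.0.23\t49812\t93.184.216.34\t443\ttcp\n"
    "1724800003.700000\tCabc3\t10.0.0.41\t51000\t147.45.47.36\t80\ttcp\n"
)


def hashes_of(data: bytes) -> Dict[str, str]:
    """Compute the four cryptographic digests the report lists (ssdeep omitted)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def match_sample(data: bytes, reported: Dict[str, str] = REPORTED_HASHES) -> Dict[str, bool]:
    """Per algorithm, does the candidate's digest equal the reported one?
    Checking all four guards against a report that was copied with a typo in one."""
    computed = hashes_of(data)
    return {name: computed[name] == value.lower() for name, value in reported.items()}


def parse_c2(c2: str) -> Tuple[ipaddress.IPv4Address, int]:
    """Split the report's 'ip:port' C2 string into a validated address and port."""
    host, port = c2.rsplit(":", 1)
    return ipaddress.ip_address(host), int(port)


def find_c2_connections(conn_log: str, c2: str = REPORTED_C2,
                        strict: bool = True) -> List[Dict[str, str]]:
    """Scan Zeek conn.log text (TSV with a '#fields' header) for flows to the C2.
    strict=True requires the reported port; strict=False flags any flow to the
    C2 address, the right mode when the operator rotates ports on the same host."""
    ip, port = parse_c2(c2)
    fields: List[str] = []
    hits: List[Dict[str, str]] = []
    for line in conn_log.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]  # column names follow the '#fields' token
            continue
        if not line or line.startswith("#"):
            continue
        rec = dict(zip(fields, line.split("\t")))
        if ipaddress.ip_address(rec["id.resp_h"]) != ip:
            continue
        if strict and int(rec["id.resp_p"]) != port:
            continue
        hits.append({"ts": rec["ts"], "src": rec["id.orig_h"], "dst_port": rec["id.resp_p"]})
    return hits


def suricata_rule(c2: str = REPORTED_C2, sid: int = 9000001) -> str:
    """Render a Suricata rule for outbound flows to the C2 (sid is a constructed local-range value)."""
    ip, port = parse_c2(c2)
    return (f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"RedLine Stealer C2 (LogsDiller Cloud) from sandbox report"; '
            f'flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    # Usage: python triage.py <candidate file>
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print("hash match:", match_sample(fh.read()))
    print("C2 flows (strict):", find_c2_connections(SAMPLE_CONN_LOG))
    print("C2 flows (any port):", find_c2_connections(SAMPLE_CONN_LOG, strict=False))
    print(suricata_rule())
```

Run it with the sample path to confirm you are looking at the same file the sandbox analysed before trusting the extracted config; the loose-mode scan is worth keeping alongside the strict one because the port in a RedLine build is a per-customer setting and the same host often serves several builds.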

Targets

    • Target

      66bd012162049_crypted.exe

    • RedLine

      RedLine Stealer is a .NET (C#) information stealer first seen in early 2020. It harvests saved browser credentials and cookies, cryptocurrency wallet files and credentials from clients such as FTP and VPN software, and sends them to the C2 listed in the extracted configuration. It is sold as malware-as-a-service, so the Botnet field above identifies the customer build rather than a separate family.

    • RedLine payload

      The sandbox matched the unpacked in-memory payload against its RedLine signature; the "_crypted" suffix on the file name suggests the file on disk is crypter output wrapping that payload.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a suspended thread and is the step that redirects execution in process hollowing / RunPE-style injection, which is how crypters commonly hand control to the decrypted payload inside a freshly created process.
