General
-
Target
66be35a2807ef_crypted.exe
-
Size
312KB
-
Sample
240828-1jfrjaxejc
-
MD5
e93bf642b8564c006f501145b32ec1f6
-
SHA1
d188666a2f93fb6acbb2050e539c7f3a53bf87a3
-
SHA256
d22db11ce993116313ef560dba21d4c081f8a8cc674462fdae4176749d4bd93a
-
SHA512
8514f42eabf73fe9536a3c76aeb8331c5adaa0ae4ecb084f21a71abe4fb65e0e1e9d6a181da221dab2ccda2b8e294c7d0ffeb9f571c7279460133dc284423668
-
SSDEEP
6144:wlVh6vyQ6vOuUt78JARfEpIOtnQg3bXFm1dCBcORVNu5Srs:wHM6QmOuq7/VEpDn1+Cy+VY5f
Static task
static1
Behavioral task
behavioral1
Sample
66be35a2807ef_crypted.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
66be35a2807ef_crypted.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
147.45.47.36:14537
Targets
-
-
Target
66be35a2807ef_crypted.exe
-
Size
312KB
-
MD5
e93bf642b8564c006f501145b32ec1f6
-
SHA1
d188666a2f93fb6acbb2050e539c7f3a53bf87a3
-
SHA256
d22db11ce993116313ef560dba21d4c081f8a8cc674462fdae4176749d4bd93a
-
SHA512
8514f42eabf73fe9536a3c76aeb8331c5adaa0ae4ecb084f21a71abe4fb65e0e1e9d6a181da221dab2ccda2b8e294c7d0ffeb9f571c7279460133dc284423668
-
SSDEEP
6144:wlVh6vyQ6vOuUt78JARfEpIOtnQg3bXFm1dCBcORVNu5Srs:wHM6QmOuq7/VEpDn1+Cy+VY5f
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-