General
Target: f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458 (the SHA256 of the submitted file)
Size: 312KB
Sample: 240911-wsn22svgre
MD5: ab06af28eabd848a572023a76ce875ac
SHA1: 80a6338acd08b1c52b008179ed1c43fa6892fac5
SHA256: f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458
SHA512: 1a9ed3fd31a495b4b43f778e0d63bd338c53aea45efe4d51509bdbb067faa74c0d8cc6e1a9908bb020302b8642852e46c0eeccc9b040e6ca2e1499640dca54cb
SSDEEP: 6144:yMBav/6NbgdGyUe+nHarbN/sTeZdTCHqbu8uHTQNZxNSlggZ1zz8fkg:xsvWbgdhJ0GZsITg+uRHTQjmlggZ2
Static task: static1
Behavioral task: behavioral1
Sample: f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458.exe
Resource: win10v2004-20240802-en
Behavioral task: behavioral2
Sample: f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458.exe
Resource: win11-20240802-en
Malware Config
Extracted
Family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 185.203.241.68:40901
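As an added example that is not part of the report, the extracted C2 endpoint and the sample's hashes above are turned into a small Python matcher a responder could run over connection and file-inventory logs. Everything below the indicators is assumed or constructed: the Zeek conn.log-style column order, the host names, the non-sample hash, and the traffic are made up for the demonstration. The C2 host is compared as a parsed IP address with the port checked separately (an exact host:port hit is reported as "c2", the same host on another port as "host-only"), and digests are classified by length and lower-cased so an upper-case SHA256 still matches.

```python
"""IOC matcher for the RedLine sample in this report (added example, not the sandbox's own code)."""
import ipaddress
import re

# Indicators copied from the report: the sample's hashes and the extracted RedLine C2.
SAMPLE_HASHES = {
    "md5": "ab06af28eabd848a572023a76ce875ac",
    "sha1": "80a6338acd08b1c52b008179ed1c43fa6892fac5",
    "sha256": "f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458",
}
C2_HOST = ipaddress.ip_address("185.203.241.68")
C2_PORT = 40901


def hash_algorithm(digest: str):
    """Name the hash algorithm by digest length; None if the string is not a hex digest."""
    d = digest.strip().lower()
    if not re.fullmatch(r"[0-9a-f]+", d):
        return None
    return {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}.get(len(d))


def is_sample_hash(digest: str) -> bool:
    """True if digest equals the sample's MD5, SHA1 or SHA256 (case- and whitespace-tolerant)."""
    algo = hash_algorithm(digest)
    return algo is not None and SAMPLE_HASHES.get(algo) == digest.strip().lower()


def classify_connection(resp_h: str, resp_p: str):
    """'c2' for an exact host:port hit, 'host-only' for the C2 host on another port, else None.

    The responder address is parsed rather than substring-matched, so host names or
    malformed values such as '185.203.241.680' can never produce a false positive.
    """
    try:
        host = ipaddress.ip_address(resp_h.strip())
    except ValueError:
        return None
    if host != C2_HOST:
        return None
    return "c2" if resp_p.strip() == str(C2_PORT) else "host-only"


# Constructed Zeek conn.log-style records (assumed column order:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto). Not real traffic.
CONN_LOG = """\
1726062001.10\tCx1a\t10.0.0.5\t49712\t185.203.241.68\t40901\ttcp
1726062002.20\tCx1b\t10.0.0.5\t49713\t185.203.241.68\t443\ttcp
1726062003.30\tCx1c\t10.0.0.7\t49714\t185.203.241.6\t40901\ttcp
1726062004.40\tCx1d\t10.0.0.9\t49715\t185.203.241.680\t40901\ttcp
"""


def scan_conn_log(text: str):
    """Return (uid, orig_h, verdict) for every record whose responder matches the C2 indicator."""
    hits = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        verdict = classify_connection(fields[4], fields[5])
        if verdict:
            hits.append((fields[1], fields[2], verdict))
    return hits


# Constructed file-inventory lines "host<TAB>path<TAB>sha256"; the second digest is made up.
FILE_LOG = """\
WS-17\tC:\\Users\\a\\Downloads\\setup.exe\tF3D5417ADAB3FCF3D8F70ED37E7ACEF0B677AB7907122C7900133EBFA00D8458
WS-22\tC:\\Windows\\System32\\notepad.exe\t0000000000000000000000000000000000000000000000000000000000000000
"""


def scan_file_log(text: str):
    """Return (host, path) for every inventory line whose digest is one of the sample's hashes."""
    hits = []
    for line in text.splitlines():
        host, path, digest = line.split("\t")
        if is_sample_hash(digest):
            hits.append((host, path))
    return hits


if __name__ == "__main__":
    for uid, src, verdict in scan_conn_log(CONN_LOG):
        print(f"{verdict:9} {src} -> {C2_HOST} ({uid})")
    for host, path in scan_file_log(FILE_LOG):
        print(f"sample on {host}: {path}")
```

The "host-only" verdict is kept separate on purpose: RedLine panels are frequently re-keyed to new ports, so a connection to the C2 host on another port is worth a look but should not be treated as the same confidence as the exact endpoint from the extracted config.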
Targets
Target: f3d5417adab3fcf3d8f70ed37e7acef0b677ab7907122c7900133ebfa00d8458 (same file as in General above)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. It harvests saved browser credentials, cookies and autofill data, cryptocurrency wallet files and other host information and sends them to an operator-controlled C2 (for this sample, 185.203.241.68:40901 per the extracted config).
Signatures
RedLine payload: the RedLine stealer body was identified in the sample.
Suspicious use of SetThreadContext: SetThreadContext overwrites another thread's register state and is the usual way a loader points a suspended thread at injected code (process hollowing or thread hijacking). When this signature fires, expect the unpacked stealer to run inside another process, so include any child or target processes the sample creates in memory captures and hunting scope.