General
-
Target
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b
-
Size
324KB
-
Sample
240912-2gy1rszama
-
MD5
03c684d108487e21586c867a879479fc
-
SHA1
7fb35d06d76addde6ac57015331c7ce728b7759d
-
SHA256
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b
-
SHA512
210dfb25e13f44e93d0cfe5837ca5222d815388c92dc00d689da0b56e0e4057103de5597457b8b66d2dd1a193ef31793b5b50fa081a7f8bb296caaa4b447a63a
-
SSDEEP
6144:Kdb0JQFFuj81Mu8JDCHr0iGu+AKHXsX3luAZGhHbbBqd6q:BJtg1M/CHGAGssAMri
Static task
static1
Behavioral task
behavioral1
Sample
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b.exe
Resource
win10-20240404-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
77.83.175.241:19849
Targets
-
-
Target
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b
-
Size
324KB
-
MD5
03c684d108487e21586c867a879479fc
-
SHA1
7fb35d06d76addde6ac57015331c7ce728b7759d
-
SHA256
34a2b5ec0b1983aa200e34c6e798217401d06debc50a6041b5f4bee7f7709c3b
-
SHA512
210dfb25e13f44e93d0cfe5837ca5222d815388c92dc00d689da0b56e0e4057103de5597457b8b66d2dd1a193ef31793b5b50fa081a7f8bb296caaa4b447a63a
-
SSDEEP
6144:Kdb0JQFFuj81Mu8JDCHr0iGu+AKHXsX3luAZGhHbbBqd6q:BJtg1M/CHGAGssAMri
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-