General
Target: f5dbb1b4280665ed5d85392c1f7050e4c15764ab222ccc2fbb63b0dcd7846507
Size: 1.0MB
Sample: 240912-2sagjszfqh
MD5: 5673f47783f3a8e794f6863f1a7c3c7d
SHA1: b637c700674c14a92517fd3e5f77075f1c7bfc9e
SHA256: f5dbb1b4280665ed5d85392c1f7050e4c15764ab222ccc2fbb63b0dcd7846507
SHA512: 67f6aeed5aac04a5c4707ca02805d962644790b6e42d89afa0e313189faf0aadccaf91d97b460fa2429326fb1dc3c45bb4adcc1215d8eadc6d9c3c6932c96105
SSDEEP: 24576:i9RYhVXyWZpWlT6m2PgCHFvlVTcgPmK3yPmla77sBhnGP/+fNpBk/rVN:ivRWZpLmn6FNVFmKiea3sLnGF/BN
Static task: static1
Behavioral task: behavioral1
Sample: f5dbb1b4280665ed5d85392c1f7050e4c15764ab222ccc2fbb63b0dcd7846507.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f5dbb1b4280665ed5d85392c1f7050e4c15764ab222ccc2fbb63b0dcd7846507.exe
Resource: win10-20240404-en
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
45.91.202.63:25415
Targets
-
-
Target
f5dbb1b4280665ed5d85392c1f7050e4c15764ab222ccc2fbb63b0dcd7846507
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-