General

  • Target

    92537d819734351b6253d8f6d46ea9ac7ea0cc333ca931c6294ea725c67a760f

  • Size

    313KB

  • Sample

    240913-nczjvaygpj

  • MD5

    c5c4a358bd11899bb373a1872e26ac78

  • SHA1

    416b3560b589bfdd88327677318f465a7eb20b96

  • SHA256

    92537d819734351b6253d8f6d46ea9ac7ea0cc333ca931c6294ea725c67a760f

  • SHA512

    8c55b5eb9bf06de3041967ad6bad9ba39b00f4dedc6a11675ac1c5111fc7b3612f4e0034277a2bbca781e692c268641d11b65f4fe506b020ffad161f9d815a43

  • SSDEEP

    6144:VCPQLljGEOjJeGZvm3zwV4HMAsc1JI9bvpWZjAj36nd8oJRmYTDNBVsvrLZ/UOJL:VhLMjJVZwQ4HzXLItfj36d8cRDvNTm3R

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (TG: @logsdillabot)

  • C2

    77.83.175.241:19849

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks