General
Target: 11506bb939332f58920d0a3c8ad1c5c2.bin
Size: 309KB
Sample: 240914-bc29hszajg
MD5: 0a8571436d4b2246fb2d5337713e23dc
SHA1: b2a37c4abe8828fe375f13bd2ea9eb3b31c71298
SHA256: a54d2ae32c945c019797c2ae59603eca6804b932c9e1751669f64e4ea7a5c45e
SHA512: 3a4e65a14b0e0307198c21149a2efb899cdbeb6ecda3902d209ca8c8a41454d1889842188dd06c054ff5cbe926083436ca0352848adf5c9599b67a5a36feb6c7
SSDEEP: 6144:f+Ljmd3Xto+HWBQxR0xeUsuuFxN6tgKl9xbHzn0Wk9VOdM5/KA99pHWLcwCZ+8:WveHAmRweUf6B9VWMpKwXZ+8
Static task: static1
Behavioral task: behavioral1
Sample: 4ed6d72fef68c583439e803871226e76588ce6436d10362011b21763e0ccf176.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4ed6d72fef68c583439e803871226e76588ce6436d10362011b21763e0ccf176.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 185.203.241.68:40901
Targets
Target: 4ed6d72fef68c583439e803871226e76588ce6436d10362011b21763e0ccf176.exe
Size: 313KB
MD5: 11506bb939332f58920d0a3c8ad1c5c2
SHA1: 84a51f6e540a74df7cba44454d162fdaefebc0e5
SHA256: 4ed6d72fef68c583439e803871226e76588ce6436d10362011b21763e0ccf176
SHA512: ae52f9c23d8602f5d0124690ba271725b6c05abe96fc653c6fd9e701931c4b06c7ba085b3731866367d28f3013c01ba902f200a4ab7451ae162cfa6a7356450a
SSDEEP: 6144:bcpDFLyc58oYip9to/FgQmfy0uOlxyRyr2Y7ND6:bADY08oYip9tot2rlwRyy+
Signatures:
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext