redline | e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5 | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5
Size

323KB
Sample

240926-29ywgawcnf
MD5

72f7c1208efd829ad580e839494a681c
SHA1

d636bbd7470cc3bfa5047d52ba78c48d5269f3f7
SHA256

e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5
SHA512

7fd40218ce72b1a9ff422f9d92dbccdda376eb4e519c90a61fdb48868b9effb8f13f37dc1e288c0fcf4717c946433252518fd16bc49480238d8a46c459310d06
SSDEEP

6144:JRJ+dXQfkINIrPVJQ1gjbNL1qa41Brn1ouauy+gPE06qlGkNh8EYs:IImrnvbNi/quy+cEY8QV

Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5.exe

Resource

win7-20240708-en

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5.exe

Resource

win10-20240404-en

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

windows10-1703-x64

7 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

193.233.255.84:4284

Targets

- Target
  
  e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5
- Size
  
  323KB
- MD5
  
  72f7c1208efd829ad580e839494a681c
- SHA1
  
  d636bbd7470cc3bfa5047d52ba78c48d5269f3f7
- SHA256
  
  e63036cb18083af12146e4a679bb5ae0cefea310a083c6dc78a8c88365896fe5
- SHA512
  
  7fd40218ce72b1a9ff422f9d92dbccdda376eb4e519c90a61fdb48868b9effb8f13f37dc1e288c0fcf4717c946433252518fd16bc49480238d8a46c459310d06
- SSDEEP
  
  6144:JRJ+dXQfkINIrPVJQ1gjbNL1qa41Brn1ouauy+gPE06qlGkNh8EYs:IImrnvbNi/quy+cEY8QV
Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

behavioral2

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

© 2018-2025

Terms | Privacy