redline | f7c5362c23dcb97a281834881d8f4be11e7f466cf0ae45afecda622dd0e3e5d7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0f9259d9ec...f7.exe

windows7-x64

0f9259d9ec...f7.exe

windows10-2004-x64

Sharing

General

Target

f7c5362c23dcb97a281834881d8f4be11e7f466cf0ae45afecda622dd0e3e5d7
Size

118KB
Sample

241109-sx6wwaxcqk
MD5

319617db11aa56547faaf9472b7e2088
SHA1

0c53b59284474a9bad6f6167e7e4aca966510a1e
SHA256

f7c5362c23dcb97a281834881d8f4be11e7f466cf0ae45afecda622dd0e3e5d7
SHA512

cf51a147d1b34ad712fc6c17a82abe547b1d1b7511601609089b5be5f9ac509edaa5adbe777f08740f09e4f5454cfdb4015ce42454999c843f79d20e8d622c59
SSDEEP

1536:m7+s7Xxm9chgyfc0go4ncgWaPWneW39ln/8b++1O/6aJJYSQHo2nJSGQd:GM9chgUjgLNW3cb++ESWJj9J

Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0f9259d9ec6ddbceffacb00972ebb9da2e64a6394be718d429a1098309cee3f7.exe

Resource

win7-20241023-en

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0f9259d9ec6ddbceffacb00972ebb9da2e64a6394be718d429a1098309cee3f7.exe

Resource

win10v2004-20241007-en

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

213.32.44.120:6254

Attributes

auth_value
3a050df92d0cf082b2cdaf87863616be

Targets

- Target
  
  0f9259d9ec6ddbceffacb00972ebb9da2e64a6394be718d429a1098309cee3f7.exe
- Size
  
  218KB
- MD5
  
  39bf0830a1bf7b09f4003d9a5aa5ee61
- SHA1
  
  d4815979335cdc3fe707021e78d2f6700e477d19
- SHA256
  
  0f9259d9ec6ddbceffacb00972ebb9da2e64a6394be718d429a1098309cee3f7
- SHA512
  
  50de828f051e12256c9689c7b89e743331b0c5f7e1f17801f09d93bff8494081e0d400efa184571cfadb7b6aadb4d1d25e6c48fd44a5f493beb647890337c78e
- SSDEEP
  
  3072:dhwEAeBDfEHTGYpYfFP9G4YcpHprAWWxAX+EuPCA5Xxw0qoXm5c84DRglg4bHJ:dShiEH6zXHljWxL35XS032c3DRgSYHJ
Score

10^/10

redline logsdiller cloud (tg: @logsdillabot)discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

behavioral2

redlinelogsdiller cloud (tg: @logsdillabot)discoveryinfostealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.