General
- Target: adbf66605a6b569b3b4e915ad9cdf271c0889a14fc59b70233b2c966fca1dc93
- Size: 3.1MB
- Sample: 240624-gdjfpaydmc
- MD5: d3280c8db77e7d70bc80ad58e875dcf5
- SHA1: e344a0bc5e42fba4ee4bd89827b46642481fb67c
- SHA256: adbf66605a6b569b3b4e915ad9cdf271c0889a14fc59b70233b2c966fca1dc93
- SHA512: 3c3bdb76929d39fc83fb244dca15ddf358bc1fa0d447d28c4996c5c389cd411c396b6ca20d0dd64728b6e8ab13591c538cfdc01acc3c62a04793243646c28d2c
- SSDEEP: 49152:I5cmt/rNUf4GLsBxS+8cY3L0FnpyDLuNblwy:I5c+/osBxnE4npOuNblh
Static task: static1
Behavioral task: behavioral1
- Sample: adbf66605a6b569b3b4e915ad9cdf271c0889a14fc59b70233b2c966fca1dc93.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: adbf66605a6b569b3b4e915ad9cdf271c0889a14fc59b70233b2c966fca1dc93.exe
- Resource: win10-20240404-en
Malware Config
Extracted
- redline
- LogsDiller Cloud (TG: @logsdillabot)
- 5.42.65.92:27953
Targets
- Target: adbf66605a6b569b3b4e915ad9cdf271c0889a14fc59b70233b2c966fca1dc93 (3.1MB; hashes as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext