General

  • Target

    799aa746ae81f6a91060e0e2c1874bc9.bin

  • Size

    2.4MB

  • Sample

    240628-dakykaxcqe

  • MD5

    a0d5207b0c962cc348d4a3d03f1821d2

  • SHA1

    abdbb461a3fc0c7578fdd96a60b097f2f9114df1

  • SHA256

    f671fcaea1d699a04d05bcb1a9a21fce8f085d47424bad2e17faed860748e8e8

  • SHA512

    7b841cc491b3c22543b85404a9e950c36ec684f3078b4b0e6de599bf47fd4f1293adf7737e90dc622cf8ff79ab145d8e7e90e1e25a958ea29659636e00dc4706

  • SSDEEP

    49152:Z2xJlQ1iBXHqF4CD/4LULXOs4JoaUgnuel9PDKq0N+6BR:Z2xJlTpHS4oRLX2JBnuelJD0N7T

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.92:27953

Targets

    • Target

      8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f.exe

    • Size

      3.5MB

    • MD5

      799aa746ae81f6a91060e0e2c1874bc9

    • SHA1

      a127a4d8e842a555604320ad65f1d5edc222e54f

    • SHA256

      8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f

    • SHA512

      c36e74ee922d31384b5c35d3bd76ed231a4f728dfbc24ea43b0f6448ef5d9099130ac52c222ee7dc3caf6d1ba34a4d0ac0d32e6a38343af683f6710c5f8e8209

    • SSDEEP

      49152:/N8w2dOLj/qea2hXUV7AdZMTbTN+09bRnq+nQjk6zhj8toc6:ivB7A0+abRq+Q3zB8uc6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext (behavioural signature: SetThreadContext on another process's thread is the usual final step of process hollowing, where the payload is written into a suspended process and its entry point redirected)
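The indicators above (file hashes for the submitted .bin and the extracted RedLine payload, plus the C2 endpoint 5.42.65.92:27953) are only useful once they are matched against something. The following is an added example, not part of the sandbox report: it loads those indicators as constants and runs them over a handful of constructed firewall log lines and over arbitrary file bytes. Only the hash values and the C2 address come from the page; the log format (`dst=IP:PORT`), the log lines themselves and the function names are assumptions made for the example.

```python
"""Match the IOCs from the RedLine report above against logs and files.

Added example: the indicators are copied from the report on this page; the
log format, sample log lines and function names are constructed for the demo.
"""
import hashlib
import re

# Extracted RedLine config (botnet "LogsDiller Cloud") - from the report.
C2_IP = "5.42.65.92"
C2_PORT = 27953

# Hashes from the report, keyed by lowercase hex digest. Both the submitted
# container and the payload extracted from it are included so either artefact
# is recognised when seen on disk or in a hash feed.
KNOWN_HASHES = {
    # submitted sample: 799aa746ae81f6a91060e0e2c1874bc9.bin
    "a0d5207b0c962cc348d4a3d03f1821d2": "799aa746ae81f6a91060e0e2c1874bc9.bin (md5)",
    "abdbb461a3fc0c7578fdd96a60b097f2f9114df1": "799aa746ae81f6a91060e0e2c1874bc9.bin (sha1)",
    "f671fcaea1d699a04d05bcb1a9a21fce8f085d47424bad2e17faed860748e8e8": "799aa746ae81f6a91060e0e2c1874bc9.bin (sha256)",
    # RedLine payload extracted from it
    "799aa746ae81f6a91060e0e2c1874bc9": "RedLine payload .exe (md5)",
    "a127a4d8e842a555604320ad65f1d5edc222e54f": "RedLine payload .exe (sha1)",
    "8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f": "RedLine payload .exe (sha256)",
}

# Assumed log layout: "... dst=<ipv4>:<port> ..." (constructed for the example).
LOG_RE = re.compile(r"dst=(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)")


def match_c2(lines, c2_ip=C2_IP, c2_port=C2_PORT):
    """Return (line, exact) for every line whose destination IP is the C2.

    exact is True when the port matches the extracted config as well. An
    IP-only hit is still reported: the same host may serve other builds on
    other ports, so it deserves triage rather than being silently dropped.
    """
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m or m.group("dst") != c2_ip:
            continue
        hits.append((line, int(m.group("dport")) == c2_port))
    return hits


def lookup_hash(digest):
    """Look up an MD5/SHA1/SHA256 hex digest (any case) in the report's IOCs."""
    return KNOWN_HASHES.get(digest.strip().lower())


def classify_bytes(data):
    """Hash raw file bytes with each algorithm the report lists and return
    the matching label, or None if the file is not one of the two artefacts."""
    for algo in ("md5", "sha1", "sha256"):
        label = lookup_hash(hashlib.new(algo, data).hexdigest())
        if label:
            return label
    return None


# Constructed sample firewall lines (not from the report). The first is a
# full C2 match, the second is unrelated traffic, the third hits the C2 host
# on a different port.
SAMPLE_LOGS = [
    "2024-06-28T10:01:12Z src=10.0.0.15:51234 dst=5.42.65.92:27953 proto=tcp action=allow",
    "2024-06-28T10:01:13Z src=10.0.0.15:51235 dst=142.250.72.14:443 proto=tcp action=allow",
    "2024-06-28T10:02:40Z src=10.0.0.22:49152 dst=5.42.65.92:443 proto=tcp action=allow",
]

if __name__ == "__main__":
    for line, exact in match_c2(SAMPLE_LOGS):
        print("C2 ip+port" if exact else "C2 ip only", line)
    print(lookup_hash("8AB47005E85482FE056F48573D37D803CA5678E39769046C950BDD95EED7656F"))
    print(classify_bytes(b"not the sample"))
```

Feeding real files to `classify_bytes` is the intended use; the hash lookup is exact-match only, so a repacked build with a different hash will not be caught this way, which is why the network indicator is kept alongside it.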
