General
Target: 799aa746ae81f6a91060e0e2c1874bc9.bin
Size: 2.4MB
Sample: 240628-dakykaxcqe
MD5: a0d5207b0c962cc348d4a3d03f1821d2
SHA1: abdbb461a3fc0c7578fdd96a60b097f2f9114df1
SHA256: f671fcaea1d699a04d05bcb1a9a21fce8f085d47424bad2e17faed860748e8e8
SHA512: 7b841cc491b3c22543b85404a9e950c36ec684f3078b4b0e6de599bf47fd4f1293adf7737e90dc622cf8ff79ab145d8e7e90e1e25a958ea29659636e00dc4706
SSDEEP: 49152:Z2xJlQ1iBXHqF4CD/4LULXOs4JoaUgnuel9PDKq0N+6BR:Z2xJlTpHS4oRLX2JBnuelJD0N7T

Static task
static1

Behavioral task: behavioral1
Sample: 8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f.exe
Resource: win10v2004-20240508-en

Malware Config
Extracted
Family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 5.42.65.92:27953

Targets
Target: 8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f.exe
Size: 3.5MB
MD5: 799aa746ae81f6a91060e0e2c1874bc9
SHA1: a127a4d8e842a555604320ad65f1d5edc222e54f
SHA256: 8ab47005e85482fe056f48573d37d803ca5678e39769046c950bdd95eed7656f
SHA512: c36e74ee922d31384b5c35d3bd76ed231a4f728dfbc24ea43b0f6448ef5d9099130ac52c222ee7dc3caf6d1ba34a4d0ac0d32e6a38343af683f6710c5f8e8209
SSDEEP: 49152:/N8w2dOLj/qea2hXUV7AdZMTbTN+09bRnq+nQjk6zhj8toc6:ivB7A0+abRq+Q3zB8uc6

Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext