General
Target: 2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb
Size: 3.3MB
Sample: 240701-fn3rmszglq
MD5: dd8fd315f0fa9fa5f83be94f17f7d0d7
SHA1: d1e7808d62a360260b5009fbf4e138cc1be3cbab
SHA256: 2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb
SHA512: 3c65f265d8877c38d60bd89a8d267e6013134d0e1d1728663ce61332cdbebd27ca8db8fde0337448ab56538545344dcf7e2c9cee076a445946975a91db22b55f
SSDEEP: 49152:hC+ACBK+KhwW9Ma1CQmrXQkaL8Z2fX42ahX6fS5m4QE1P5MP2spsKb7:h5ACv2CESEkxcXpWXuS5m471P5wsu
Static task: static1
Behavioral task: behavioral1
  Sample: 2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb.exe
  Resource: win10-20240611-en
Malware Config
Extracted
Family: redline
Botnet: LogsDiller Cloud (TG: @logsdillabot)
C2: 147.45.44.112:12004
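The hashes, ssdeep signature and extracted C2 above are the actionable output of this report. The following is an added example, not part of the sandbox report, showing how a responder turns them into offline checks: verifying a suspect file against all four digests, parsing the ssdeep signature (so you know which signatures are even comparable before calling ssdeep), and sweeping a connection log for the C2 endpoint while distinguishing an exact IP:port hit from traffic to the same host on another port. The file bytes and log lines are constructed for illustration; the log line format `src:port -> dst:port` is an assumption, not a format the report uses.

```python
"""Added example (not from the sandbox report): IOC checks built from the report's values.
The sample bytes and log lines below are constructed; they are not the analysed file or real traffic."""
import hashlib
import re

# IOCs copied verbatim from the report.
REPORT = {
    "md5": "dd8fd315f0fa9fa5f83be94f17f7d0d7",
    "sha1": "d1e7808d62a360260b5009fbf4e138cc1be3cbab",
    "sha256": "2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb",
    "sha512": "3c65f265d8877c38d60bd89a8d267e6013134d0e1d1728663ce61332cdbebd27ca8db8fde0337448ab56538545344dcf7e2c9cee076a445946975a91db22b55f",
    "ssdeep": "49152:hC+ACBK+KhwW9Ma1CQmrXQkaL8Z2fX42ahX6fS5m4QE1P5MP2spsKb7:h5ACv2CESEkxcXpWXuS5m471P5wsu",
    "c2_ip": "147.45.44.112",
    "c2_port": 12004,
}


def hashes_of(data: bytes) -> dict:
    """Compute the four hex digests the report lists for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, report: dict = REPORT) -> dict:
    """True per algorithm where the file's digest equals the report's.
    Treat the file as this sample only when all four agree; MD5 and SHA1
    alone are collision-prone and a partial match should be investigated, not trusted."""
    digests = hashes_of(data)
    return {name: digests[name] == report[name] for name in digests}


def parse_ssdeep(sig: str) -> tuple:
    """Split an ssdeep signature 'blocksize:hash1:hash2' into its parts.
    hash1 is computed with the stated block size, hash2 with twice that size."""
    block, h1, h2 = sig.split(":", 2)
    return int(block), h1, h2


def comparable_ssdeep(sig_a: str, sig_b: str) -> bool:
    """Two ssdeep signatures can only score against each other when their block
    sizes are equal or differ by exactly a factor of two; anything else scores 0."""
    a = parse_ssdeep(sig_a)[0]
    b = parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


# Assumed log layout: '<timestamp> src:port -> dst:port' (constructed for this example).
LOG_RE = re.compile(
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+) -> (?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)"
)


def find_c2_connections(lines, report: dict = REPORT) -> list:
    """Return (line_no, src, dport, verdict) for every flow to the C2 IP.
    Flows to the IP on a different port are still returned, labelled 'port_mismatch',
    because the host is the indicator but the port tells you whether it is the
    configured RedLine C2 channel or something else on a shared server."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if not m or m["dst"] != report["c2_ip"]:
            continue
        port = int(m["dport"])
        verdict = "exact" if port == report["c2_port"] else "port_mismatch"
        hits.append((line_no, m["src"], port, verdict))
    return hits


# Constructed log lines: one benign flow, one exact C2 hit, one same-host/other-port
# flow, and one near-miss IP that must not match.
SAMPLE_LOG = [
    "2024-07-01T10:00:01Z 10.0.0.5:51022 -> 142.250.72.46:443",
    "2024-07-01T10:00:04Z 10.0.0.5:51031 -> 147.45.44.112:12004",
    "2024-07-01T10:00:09Z 10.0.0.7:51044 -> 147.45.44.112:80",
    "2024-07-01T10:00:12Z 10.0.0.9:51050 -> 147.45.45.112:12004",
]

if __name__ == "__main__":
    print(matches_report(b"constructed bytes, not the sample"))
    print(parse_ssdeep(REPORT["ssdeep"]))
    print(find_c2_connections(SAMPLE_LOG))
```

Point `matches_report` at the bytes of a quarantined file to confirm it is this exact sample before relying on the report's behaviour; a mismatch on SHA256 with a matching ssdeep block size is the cue to run a real ssdeep comparison for a repacked variant.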
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext (the API rewrites a thread's register state, including its instruction pointer; sandboxes flag it because loaders use it to redirect a suspended process's thread into injected code, the process-hollowing step that unpacks the stealer inside another process)