Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb

  • Size

    3.3MB

  • Sample

    240701-fn3rmszglq

  • MD5

    dd8fd315f0fa9fa5f83be94f17f7d0d7

  • SHA1

    d1e7808d62a360260b5009fbf4e138cc1be3cbab

  • SHA256

    2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb

  • SHA512

    3c65f265d8877c38d60bd89a8d267e6013134d0e1d1728663ce61332cdbebd27ca8db8fde0337448ab56538545344dcf7e2c9cee076a445946975a91db22b55f

  • SSDEEP

    49152:hC+ACBK+KhwW9Ma1CQmrXQkaL8Z2fX42ahX6fS5m4QE1P5MP2spsKb7:h5ACv2CESEkxcXpWXuS5m471P5wsu

Score
10/10
redlinelogsdiller cloud (tg: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

147.45.44.112:12004

Targets

    • Target

      2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb

    • Size

      3.3MB

    • MD5

      dd8fd315f0fa9fa5f83be94f17f7d0d7

    • SHA1

      d1e7808d62a360260b5009fbf4e138cc1be3cbab

    • SHA256

      2bdd554d3c993b5d567af3d59a3b314047b7dde92646e05de56605817c347aeb

    • SHA512

      3c65f265d8877c38d60bd89a8d267e6013134d0e1d1728663ce61332cdbebd27ca8db8fde0337448ab56538545344dcf7e2c9cee076a445946975a91db22b55f

    • SSDEEP

      49152:hC+ACBK+KhwW9Ma1CQmrXQkaL8Z2fX42ahX6fS5m4QE1P5MP2spsKb7:h5ACv2CESEkxcXpWXuS5m471P5wsu

    Score
    10/10
    redlinelogsdiller cloud (tg: @logsdillabot)infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks