General
Target: 0af5c49133422030899cfe674dfd6e26301237f2dc5f34e52db1bee2187d5b10
Size: 2.3MB
Sample: 240701-fnc6zszgjm
MD5: 73b6456450d11b9eac05b4e58aabe8a5
SHA1: 0074cd03e2f02eb1511046b1489190973adf6f34
SHA256: 0af5c49133422030899cfe674dfd6e26301237f2dc5f34e52db1bee2187d5b10
SHA512: 5eb7cea71b0b77e9645a66acd739ae9adc8ced2818edc38e5d8827d9f431657f2e8c7297ed43f37a47216c78b459bcae4015b9396321f57d2960d6989ca7e328
SSDEEP: 49152:m/LB+rYPZ14KMqpvK0nyckxBThGcfQj9wpF3:m/9cB2Fu/pF3
Static task: static1
Behavioral task: behavioral1
Sample: 0af5c49133422030899cfe674dfd6e26301237f2dc5f34e52db1bee2187d5b10.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 0af5c49133422030899cfe674dfd6e26301237f2dc5f34e52db1bee2187d5b10.exe
Resource: win10-20240404-en
Malware Config
Extracted: redline
LogsDiller Cloud (TG: @logsdillabot)
77.105.135.107:3445
Targets
Target: 0af5c49133422030899cfe674dfd6e26301237f2dc5f34e52db1bee2187d5b10 (size and hashes as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext