redline | 3f84fd562f0fa9c7c4100422fa695a550b273f0fbcc1499f421d0b1d451d6a6a | Triage

Submit
Reports

Overview

overview

Static

static

neisteri.exe

windows7_x64

neisteri.exe

windows10_x64

Sharing

General

Target

neisteri.exe
Size

1.6MB
Sample

210427-9mryt1q37e
MD5

d63342274863a51e0bccbc8a02af07c6
SHA1

db808470122b8c85f9fca9daf1008fb7d32df83e
SHA256

3f84fd562f0fa9c7c4100422fa695a550b273f0fbcc1499f421d0b1d451d6a6a
SHA512

a585af6a70111f27029e0a1375070124238d670e449a828396f3ca8a9300b41557470af2173fe9f11cc37d4a69f59f658fa022043ecfd7df876fe68033dc0c98

Score

10^/10

redline neisteri infostealer

Static task

static1

Behavioral task

behavioral1

Sample

neisteri.exe

Resource

win7v20210408

redline neisteri infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

neisteri.exe

Resource

win10v20210410

redline neisteri infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

neisteri

C2

194.147.142.46:19250

Targets

- Target
  
  neisteri.exe
- Size
  
  1.6MB
- MD5
  
  d63342274863a51e0bccbc8a02af07c6
- SHA1
  
  db808470122b8c85f9fca9daf1008fb7d32df83e
- SHA256
  
  3f84fd562f0fa9c7c4100422fa695a550b273f0fbcc1499f421d0b1d451d6a6a
- SHA512
  
  a585af6a70111f27029e0a1375070124238d670e449a828396f3ca8a9300b41557470af2173fe9f11cc37d4a69f59f658fa022043ecfd7df876fe68033dc0c98
Score

10^/10

redline neisteri infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineneisteriinfostealer

behavioral2

redlineneisteriinfostealer

© 2018-2024

Terms | Privacy