General
Target: NEAS.cccccf0905cc874b72673e8470a6646ce45dbcc5d697d00a0250bf482bc2bf51_JC.exe
Size: 1.2MB
Sample: 231007-qxdtzscg5v
MD5: 1fa465eeea7c9b1c62997f88576cc78a
SHA1: e900f5645a5a6a030cbfc0acfe86f65185575242
SHA256: cccccf0905cc874b72673e8470a6646ce45dbcc5d697d00a0250bf482bc2bf51
SHA512: c342cc04db9fa72a166a0d487128ce04d786aa37ec47372c0485d9b59fa4cb2d5103372a64fea375e7357b59218bd76ca07ba7f52fecdc3a1994999f4d6b5fb1
SSDEEP: 24576:ly3CJ2SEHV1EM1CW7Su9yy+oAAe/7N1a7Ie1I8/sAA5:AA5IPx9Lg/7N1aDv/LA
Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.cccccf0905cc874b72673e8470a6646ce45dbcc5d697d00a0250bf482bc2bf51_JC.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: NEAS.cccccf0905cc874b72673e8470a6646ce45dbcc5d697d00a0250bf482bc2bf51_JC.exe
  Resource: win10v2004-20230915-en
Malware Config
Extracted:
- redline
- gigant
- 77.91.124.55:19071
Targets
Target: NEAS.cccccf0905cc874b72673e8470a6646ce45dbcc5d697d00a0250bf482bc2bf51_JC.exe
Score: 10/10
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext