General
Target: NEAS.166abb67548e0ba1f752a3390a9639b0.exe
Size: 1.1MB
Sample: 231101-q7gnmahh9s
MD5: 166abb67548e0ba1f752a3390a9639b0
SHA1: 55ac375cb138269fb50bb6aa4fb47a1737f3eb3f
SHA256: 75c176d0f5d671b7a45e3dd6b333eaeab5c62640a2de44966c4731127de75630
SHA512: 1db79e73c558905039d1497d0ec7ec01c0d3347bfc1aecdb812fa33aea1bc9a1df05da4309c5d778667da351dba7e135f8c8da1ac1ad655d39a72f71feda54f0
SSDEEP: 12288:gC9Q0g1/Ma29AS087kHCqZ+bwRO7bUjkgkruWSO298PHGc6UuQ+1FQkMPevKK:gtV1L29AX87kHCMVROfuOe+nPev
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.166abb67548e0ba1f752a3390a9639b0.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.166abb67548e0ba1f752a3390a9639b0.exe
Resource: win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target: NEAS.166abb67548e0ba1f752a3390a9639b0.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext