General
Target
NEAS.25863cdff8cab03f1834728b41b61450.exe
Size
1.1MB
Sample
231101-q8axgaae2t
MD5
25863cdff8cab03f1834728b41b61450
SHA1
bcb9a4713defdc5b42f76f05e5cb3cd4740ae495
SHA256
a638d5981dd50c323f19de75c7e643c8f6a4cb8ec64fbaf023299bff901a02c3
SHA512
65efe9d06bc3f38094472979b86a4627474458824d464af244bbc080da8288f0829099c5577c34b41d2d519c338ad18c2f8d9f0628b74ca673c2d38b189cddfc
SSDEEP
12288:OC9oTgeBMa29AS087kHCqZfjIR+LbUjZAkEuWSe5K5xvTmZKK:OlEet29AX87kHCs8R+vuxXI
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.25863cdff8cab03f1834728b41b61450.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
NEAS.25863cdff8cab03f1834728b41b61450.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target
NEAS.25863cdff8cab03f1834728b41b61450.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext