Overview

overview

10

Static

static

3

NEAS.25863...50.exe

windows7-x64

10

NEAS.25863...50.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.25863cdff8cab03f1834728b41b61450.exe

  • Size

    1.1MB

  • Sample

    231101-q8axgaae2t

  • MD5

    25863cdff8cab03f1834728b41b61450

  • SHA1

    bcb9a4713defdc5b42f76f05e5cb3cd4740ae495

  • SHA256

    a638d5981dd50c323f19de75c7e643c8f6a4cb8ec64fbaf023299bff901a02c3

  • SHA512

    65efe9d06bc3f38094472979b86a4627474458824d464af244bbc080da8288f0829099c5577c34b41d2d519c338ad18c2f8d9f0628b74ca673c2d38b189cddfc

  • SSDEEP

    12288:OC9oTgeBMa29AS087kHCqZfjIR+LbUjZAkEuWSe5K5xvTmZKK:OlEet29AX87kHCs8R+vuxXI

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.25863cdff8cab03f1834728b41b61450.exe

    • Size

      1.1MB

    • MD5

      25863cdff8cab03f1834728b41b61450

    • SHA1

      bcb9a4713defdc5b42f76f05e5cb3cd4740ae495

    • SHA256

      a638d5981dd50c323f19de75c7e643c8f6a4cb8ec64fbaf023299bff901a02c3

    • SHA512

      65efe9d06bc3f38094472979b86a4627474458824d464af244bbc080da8288f0829099c5577c34b41d2d519c338ad18c2f8d9f0628b74ca673c2d38b189cddfc

    • SSDEEP

      12288:OC9oTgeBMa29AS087kHCqZfjIR+LbUjZAkEuWSe5K5xvTmZKK:OlEet29AX87kHCs8R+vuxXI

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks