General
-
Target
NEAS.532959c7c83db0c4ecd38b4916864920.exe
-
Size
1.1MB
-
Sample
231101-rfzkssdg64
-
MD5
532959c7c83db0c4ecd38b4916864920
-
SHA1
5d12a047ff0d5f51e6d01d7730bb0e831e22e676
-
SHA256
fc6002e861022438cffa1f13c77155baab080332ba15fe948736367e626c526f
-
SHA512
1021d97d1b73b21c5d5a8224bce636202bb3933100afe7ca682846107d8a6ece4c1a6c2254f8d9e987f7ff1442e5989b7d685cafaf3aa936d91a72f4691dc500
-
SSDEEP
12288:xC9ougrcMa29AS087kHCqZXjIR+LbUjZAkEuWSehG45+MWI0zGt/eBMKHCQbJVCp:xljra29AX87kHCsUR+vuxnhiKo
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.532959c7c83db0c4ecd38b4916864920.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.532959c7c83db0c4ecd38b4916864920.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.532959c7c83db0c4ecd38b4916864920.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-