General
-
Target
NEAS.5e0dcf9555a439844b49f4bb57deff70.exe
-
Size
1.1MB
-
Sample
231101-rgnvpaeb37
-
MD5
5e0dcf9555a439844b49f4bb57deff70
-
SHA1
2e6ee99f8f9b8b0491a5bf4463a70d664b734dce
-
SHA256
b5c7f0f01d530f84fa650c96cbb520d0f33a58385e3e2435d4d0494a99a69615
-
SHA512
8a59d2246d459ad17ee1e8c57a9629ac57bb5f4fe39aa466b041e7fcaa05f16a49af6c4e1c8015d6fa53216266d826c8f20fd41de25aeee3377627fdd125570b
-
SSDEEP
12288:aC9QXgMSMa29AS087kHCqZ+bwRO7bUjkgkruWSOKcEefhJuMmKK:atQMA29AX87kHCMVROfuQAb
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.5e0dcf9555a439844b49f4bb57deff70.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.5e0dcf9555a439844b49f4bb57deff70.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.5e0dcf9555a439844b49f4bb57deff70.exe
-
Size
1.1MB
-
MD5
5e0dcf9555a439844b49f4bb57deff70
-
SHA1
2e6ee99f8f9b8b0491a5bf4463a70d664b734dce
-
SHA256
b5c7f0f01d530f84fa650c96cbb520d0f33a58385e3e2435d4d0494a99a69615
-
SHA512
8a59d2246d459ad17ee1e8c57a9629ac57bb5f4fe39aa466b041e7fcaa05f16a49af6c4e1c8015d6fa53216266d826c8f20fd41de25aeee3377627fdd125570b
-
SSDEEP
12288:aC9QXgMSMa29AS087kHCqZ+bwRO7bUjkgkruWSOKcEefhJuMmKK:atQMA29AX87kHCMVROfuQAb
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-