General
-
Target
NEAS.6b86fdc3ed2e6d40901c1323693174d0.exe
-
Size
1.1MB
-
Sample
231101-rhd2waee53
-
MD5
6b86fdc3ed2e6d40901c1323693174d0
-
SHA1
a010265dd9caba820098530d220574ebbbdd9910
-
SHA256
7f83f5faa204c1c4ca3883cdf719871333ce7e1624c40f07386f14885b7a5f1b
-
SHA512
ba90ca97c6919cf208769e96c6960c2b8c8e8e4bb253cb67793a31fe874041460400185feef71c5d56de3ceeaaa8905c65b58fa2a022a1175e5cc89b0e7c82b8
-
SSDEEP
12288:xC9oWgGgMa29AS087kHCqZfjIR+LbUjZAkEuWSe4IsleuW8TBlR8ocoVLBY3Ddyv:xlrG229AX87kHCs8R+vu7Ru1g
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.6b86fdc3ed2e6d40901c1323693174d0.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.6b86fdc3ed2e6d40901c1323693174d0.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target
NEAS.6b86fdc3ed2e6d40901c1323693174d0.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-