General
Target: NEAS.f2282a932fe56fc7e2599dfb2eb47d80.exe
Size: 1.1MB
Sample: 231101-rqrb6sba43
MD5: f2282a932fe56fc7e2599dfb2eb47d80
SHA1: 7b4b8760f74d466032b3e6d7a88b34bbe2757583
SHA256: 5645473cb490ddcd17071ef3e2f94307fc67ba52f7550ec262087825cf11c99a
SHA512: 237520e2bc6c9c88f67060344aa29371cbb5959f7ce8f1cfe05506543b478620471e6cc87467ba3829d5e14ff71886fe3d8975c87e3f5944f37cf6ef38a293b1
SSDEEP: 12288:t6ygL5JNzHWdgAw/26p6LT9LLnM6GbSy9opulOdjlOus8Fr4bnTJoc7VbYZQLe79:/C5JNHWdgAw/26p6Xy6GbSROMh43Jir
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.f2282a932fe56fc7e2599dfb2eb47d80.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.f2282a932fe56fc7e2599dfb2eb47d80.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target: NEAS.f2282a932fe56fc7e2599dfb2eb47d80.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext