General

Target: NEAS.fb542be9e0631ad13380aa08ba06bb30.exe
Size: 1.1MB
Sample: 231101-rraqtabd34
MD5: fb542be9e0631ad13380aa08ba06bb30
SHA1: 0cda9dfe29fbe6b694ab4cd86d7d98d3ca4dcca4
SHA256: 0010113243eacd969bf9918d6ba108c3c6aebf723be406cf62822118c0aeb0c2
SHA512: af37416520b56d1891eb8e14258cc97a82d0d03c415ea8f14c6d4c7820fa0338c26a259d43c7d766dd917193430a5f6293b9aaa62dfa7d8726ec174024c48c40
SSDEEP: 12288:olIptcfu3Yp9M8iCNC8iULZL7gKxDZBEjE7teumy2ye9Yx9yKNK:XpGfu3Yp9M8iCQ8NZQoDZBESx9y
Static task: static1

Behavioral task: behavioral1
  Sample: NEAS.fb542be9e0631ad13380aa08ba06bb30.exe
  Resource: win7-20231020-en

Behavioral task: behavioral2
  Sample: NEAS.fb542be9e0631ad13380aa08ba06bb30.exe
  Resource: win10v2004-20231020-en
Malware Config (extracted from the unpacked payload)

Family: redline
Botnet: grome
C2: 77.91.124.86:19084

The C2 is a bare IP and non-standard port, so the indicator to hunt for is the exact host:port pair; the same address on another port is a separate indicator, not a match.
Targets

Target: NEAS.fb542be9e0631ad13380aa08ba06bb30.exe
Size: 1.1MB
Score: 10/10

RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests saved browser credentials and cookies, cryptocurrency wallet data and system information and sends them to a C2 at a configured host:port, here 77.91.124.86:19084 under the botnet tag "grome".

- RedLine payload: the sandbox's RedLine family rule matched the unpacked payload in memory, which is what made the config extraction above possible.
- Suspicious use of SetThreadContext: SetThreadContext rewrites the register state (including the instruction pointer) of a thread in another process. Together with CreateProcess(CREATE_SUSPENDED), WriteProcessMemory and ResumeThread it forms the classic process-hollowing chain a loader uses to run an embedded payload inside a legitimate-looking host process, which is consistent with a 1.1MB loader carrying the RedLine stealer rather than the stealer itself. The call alone is not proof of injection (debuggers use it legitimately), so confirm the full call chain against the same target process in the behavioral trace before treating it as the injection point.
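The following is an added example, not part of the sandbox report: it turns the indicators above into checks a practitioner can run. It verifies that a file on hand has the report's digests before acting on its IOCs, flags the process-hollowing chain (CreateProcess with CREATE_SUSPENDED, WriteProcessMemory, SetThreadContext, ResumeThread against one target process) in an API trace, and finds processes connecting to the exact extracted C2 host:port. The trace format, the pids and the function names are assumptions for illustration; the trace lines are constructed, not taken from this sandbox run.

```python
"""Triage helpers for the report above (added example, not the sandbox's code).
Assumes a constructed one-line-per-event trace format:
    <api> key=value key=value ...
Real sandbox exports differ; adapt parse_event() to your source."""
import hashlib
import re

# Indicators copied from the report on this page.
C2_HOST, C2_PORT = "77.91.124.86", 19084
REPORT_HASHES = {
    "md5": "fb542be9e0631ad13380aa08ba06bb30",
    "sha1": "0cda9dfe29fbe6b694ab4cd86d7d98d3ca4dcca4",
    "sha256": "0010113243eacd969bf9918d6ba108c3c6aebf723be406cf62822118c0aeb0c2",
}

CREATE_SUSPENDED = 0x4  # dwCreationFlags bit passed to CreateProcess
# Process-hollowing chain, in the order it must appear against one target pid.
HOLLOWING = ["CreateProcess", "WriteProcessMemory", "SetThreadContext", "ResumeThread"]

# Constructed trace (not from the sandbox run): pid 2104 hollows pid 3320,
# which then beacons to the extracted C2; pids 900 and 5000 are benign noise.
TRACE = """\
CreateProcessW pid=900 target=950 flags=0x0
CreateProcessW pid=2104 target=3320 flags=0x4
NtUnmapViewOfSection pid=2104 target=3320
WriteProcessMemory pid=2104 target=3320 size=0x1f000
SetThreadContext pid=2104 target=3320
ResumeThread pid=2104 target=3320
connect pid=3320 dst=8.8.8.8:53
connect pid=3320 dst=77.91.124.86:19084
connect pid=5000 dst=77.91.124.86:443
"""

_NUM = re.compile(r"0x[0-9a-fA-F]+|0|[1-9]\d*")


def parse_event(line):
    """'api k=v k=v' -> dict with 'api' plus an int or str for each k=v."""
    api, *kvs = line.split()
    ev = {"api": api}
    for kv in kvs:
        k, v = kv.split("=", 1)
        ev[k] = int(v, 0) if _NUM.fullmatch(v) else v
    return ev


def parse_trace(text):
    return [parse_event(l) for l in text.splitlines() if l.strip()]


def detect_hollowing(events):
    """Return (injector, target) pairs whose calls contain the hollowing chain in
    order, starting from a CreateProcess that used CREATE_SUSPENDED."""
    chains = {}
    for ev in events:
        if "target" not in ev:
            continue
        name = ev["api"]
        if name.startswith("CreateProcess"):
            if not ev.get("flags", 0) & CREATE_SUSPENDED:
                continue  # a normal process start is not the first hollowing step
            name = "CreateProcess"
        chains.setdefault((ev["pid"], ev["target"]), []).append(name)
    hits = []
    for key, calls in chains.items():
        it = iter(calls)  # shared iterator: each stage must follow the previous one
        if all(any(c == stage for c in it) for stage in HOLLOWING):
            hits.append(key)
    return hits


def detect_c2(events, host=C2_HOST, port=C2_PORT):
    """Pids connecting to exactly host:port; the same IP on another port does not match."""
    pids = []
    for ev in events:
        if ev["api"] != "connect":
            continue
        h, _, p = ev["dst"].rpartition(":")
        if h == host and int(p) == port and ev["pid"] not in pids:
            pids.append(ev["pid"])
    return pids


def triage(text):
    events = parse_trace(text)
    return {"hollowing": detect_hollowing(events), "c2": detect_c2(events)}


def hashes_of(data):
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data):
    """True only when every digest listed in the report matches the bytes you hold."""
    return hashes_of(data) == REPORT_HASHES


if __name__ == "__main__":
    print(triage(TRACE))
```

Run against the constructed trace, triage() attributes the hollowing chain to the (2104, 3320) pair and reports only pid 3320 as a C2 contact; pid 5000's connection to the same IP on port 443 is deliberately not counted, and matches_report() keeps you from hunting with these indicators for a file that is not the one the report describes.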