Overview

overview

10

Static

static

3

NEAS.b847d...JC.exe

windows7-x64

10

NEAS.b847d...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.b847d5f1861026f707700bb663668f10_JC.exe

  • Size

    1.1MB

  • Sample

    231103-dz9cfsdd43

  • MD5

    b847d5f1861026f707700bb663668f10

  • SHA1

    925ea7cff66616bc61536cf397c5a183b92eb1fa

  • SHA256

    55077c3cb4d778f7d242568ba6912e7e259d11a53f548a60993394e74b39226d

  • SHA512

    32ca44bffa9151f0b7a30e05cc6bcf716df234f0994aec73fc8f416d749fa198a52b275de41dd2d9448da7c7c0f0af74197994e7045e84af05a47f80d8ed0507

  • SSDEEP

    12288:fqPKKEZLL3GvJYfS8RRgzFp+BXOMsZKO5VSiVufyZywvWIc93:cEd3GvJYfS8R+2oHZKO5lvs

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.b847d5f1861026f707700bb663668f10_JC.exe

    • Size

      1.1MB

    • MD5

      b847d5f1861026f707700bb663668f10

    • SHA1

      925ea7cff66616bc61536cf397c5a183b92eb1fa

    • SHA256

      55077c3cb4d778f7d242568ba6912e7e259d11a53f548a60993394e74b39226d

    • SHA512

      32ca44bffa9151f0b7a30e05cc6bcf716df234f0994aec73fc8f416d749fa198a52b275de41dd2d9448da7c7c0f0af74197994e7045e84af05a47f80d8ed0507

    • SSDEEP

      12288:fqPKKEZLL3GvJYfS8RRgzFp+BXOMsZKO5VSiVufyZywvWIc93:cEd3GvJYfS8R+2oHZKO5lvs

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks