General
-
Target
NEAS.345241ceff53c1932280119b51849330_JC.exe
-
Size
1.1MB
-
Sample
231103-e1p6msea46
-
MD5
345241ceff53c1932280119b51849330
-
SHA1
32e3d60ad3ef0950d6f2338b70c179dd8f869b21
-
SHA256
1cab3800bcac8e708d9c6bc5a73c5e66a2531859673377e3288294a577c417a1
-
SHA512
963812db3501224e565b6520af28d91533caf75659c48b45fa34458ac1e962d89229fab0e62e51f3c565c5c049dbfda66b96e1ae9f1f5f5e688426190f15d6e4
-
SSDEEP
12288:vqnKW4fLL3GvJYfS8RRAA9pmpvOMcZKO5ADCdufytyK1h/oQi2KZKKKKKKKKK5Vk:EUn3GvJYfS8ROFIHZKO553wn5
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.345241ceff53c1932280119b51849330_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.345241ceff53c1932280119b51849330_JC.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.345241ceff53c1932280119b51849330_JC.exe
-
Size
1.1MB
-
MD5
345241ceff53c1932280119b51849330
-
SHA1
32e3d60ad3ef0950d6f2338b70c179dd8f869b21
-
SHA256
1cab3800bcac8e708d9c6bc5a73c5e66a2531859673377e3288294a577c417a1
-
SHA512
963812db3501224e565b6520af28d91533caf75659c48b45fa34458ac1e962d89229fab0e62e51f3c565c5c049dbfda66b96e1ae9f1f5f5e688426190f15d6e4
-
SSDEEP
12288:vqnKW4fLL3GvJYfS8RRAA9pmpvOMcZKO5ADCdufytyK1h/oQi2KZKKKKKKKKK5Vk:EUn3GvJYfS8ROFIHZKO553wn5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-