General
-
Target
NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe
-
Size
1.1MB
-
Sample
231103-hhl8tadd91
-
MD5
479ddd11351b78ab0dc2ddc7971728b0
-
SHA1
a8371858b85a2cf75fb2b9595ed51e4d2469cb61
-
SHA256
e7b30e3964178eeb56efd4b1a687bb213524a4b386db3511ea7eae2c16db0aa4
-
SHA512
1d39c088d279698d90e39b989d0436284d563dc20a4522842e1b77130501672e2eab6940ff52425dfdccc468a94be38e29ee1d6634e567b780258ea80fb60e5f
-
SSDEEP
12288:5q3KYnNLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8y03BrJjmIOVk:ipJ3GvJYfS8Ru+onZKO5Gxr
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe
-
Size
1.1MB
-
MD5
479ddd11351b78ab0dc2ddc7971728b0
-
SHA1
a8371858b85a2cf75fb2b9595ed51e4d2469cb61
-
SHA256
e7b30e3964178eeb56efd4b1a687bb213524a4b386db3511ea7eae2c16db0aa4
-
SHA512
1d39c088d279698d90e39b989d0436284d563dc20a4522842e1b77130501672e2eab6940ff52425dfdccc468a94be38e29ee1d6634e567b780258ea80fb60e5f
-
SSDEEP
12288:5q3KYnNLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8y03BrJjmIOVk:ipJ3GvJYfS8Ru+onZKO5Gxr
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-