Overview

overview

10

Static

static

3

NEAS.479dd...JC.exe

windows7-x64

10

NEAS.479dd...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe

  • Size

    1.1MB

  • Sample

    231103-hhl8tadd91

  • MD5

    479ddd11351b78ab0dc2ddc7971728b0

  • SHA1

    a8371858b85a2cf75fb2b9595ed51e4d2469cb61

  • SHA256

    e7b30e3964178eeb56efd4b1a687bb213524a4b386db3511ea7eae2c16db0aa4

  • SHA512

    1d39c088d279698d90e39b989d0436284d563dc20a4522842e1b77130501672e2eab6940ff52425dfdccc468a94be38e29ee1d6634e567b780258ea80fb60e5f

  • SSDEEP

    12288:5q3KYnNLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8y03BrJjmIOVk:ipJ3GvJYfS8Ru+onZKO5Gxr

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.479ddd11351b78ab0dc2ddc7971728b0_JC.exe

    • Size

      1.1MB

    • MD5

      479ddd11351b78ab0dc2ddc7971728b0

    • SHA1

      a8371858b85a2cf75fb2b9595ed51e4d2469cb61

    • SHA256

      e7b30e3964178eeb56efd4b1a687bb213524a4b386db3511ea7eae2c16db0aa4

    • SHA512

      1d39c088d279698d90e39b989d0436284d563dc20a4522842e1b77130501672e2eab6940ff52425dfdccc468a94be38e29ee1d6634e567b780258ea80fb60e5f

    • SSDEEP

      12288:5q3KYnNLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8y03BrJjmIOVk:ipJ3GvJYfS8Ru+onZKO5Gxr

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks