General
Target
NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe
Size
1.1MB
Sample
231103-k4fn9sfb5y
MD5
1183c7c1c8babfb56816b3d45e2c5a60
SHA1
25efad3faafa5fd6e013af432dd7eeebba070b17
SHA256
d9652e95ebb2fd62f36a06ec562fb26ad72e9a051f5fb5ee48a7d1a17f545bbb
SHA512
5fda09b2ffbc5368717e121e12811382ce2387283bf96c66476ac965a142336679b5b9faca64628f6449b2af6a19e442dccf6d3e0c15adc80338df334bd200d3
SSDEEP
12288:Gq3KugBLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8yMhc34S8TB:/El3GvJYfS8Ru+onZKO5am4S8T
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target
NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext