Overview

overview

10

Static

static

3

NEAS.1183c...60.exe

windows7-x64

10

NEAS.1183c...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe

  • Size

    1.1MB

  • Sample

    231103-k4fn9sfb5y

  • MD5

    1183c7c1c8babfb56816b3d45e2c5a60

  • SHA1

    25efad3faafa5fd6e013af432dd7eeebba070b17

  • SHA256

    d9652e95ebb2fd62f36a06ec562fb26ad72e9a051f5fb5ee48a7d1a17f545bbb

  • SHA512

    5fda09b2ffbc5368717e121e12811382ce2387283bf96c66476ac965a142336679b5b9faca64628f6449b2af6a19e442dccf6d3e0c15adc80338df334bd200d3

  • SSDEEP

    12288:Gq3KugBLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8yMhc34S8TB:/El3GvJYfS8Ru+onZKO5am4S8T

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.1183c7c1c8babfb56816b3d45e2c5a60.exe

    • Size

      1.1MB

    • MD5

      1183c7c1c8babfb56816b3d45e2c5a60

    • SHA1

      25efad3faafa5fd6e013af432dd7eeebba070b17

    • SHA256

      d9652e95ebb2fd62f36a06ec562fb26ad72e9a051f5fb5ee48a7d1a17f545bbb

    • SHA512

      5fda09b2ffbc5368717e121e12811382ce2387283bf96c66476ac965a142336679b5b9faca64628f6449b2af6a19e442dccf6d3e0c15adc80338df334bd200d3

    • SSDEEP

      12288:Gq3KugBLL3GvJYfS8RRgbtp25/OMcZKO5VKCtufy8yMhc34S8TB:/El3GvJYfS8Ru+onZKO5am4S8T

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks