Overview

overview

10

Static

static

3

NEAS.d8e67...30.exe

windows7-x64

10

NEAS.d8e67...30.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.d8e67cd48357371f2dff8165efc62330.exe

  • Size

    1.1MB

  • Sample

    231103-pab67saa4v

  • MD5

    d8e67cd48357371f2dff8165efc62330

  • SHA1

    fe9da635f3e72e9b44c5b2c926c572efcd8695dd

  • SHA256

    872c5bcbfaf8b013216bc4cff13e8d8492e5377e22d2e9db7be0823abf201b1e

  • SHA512

    dac477e20da79607bf8dbf85a9f5613b9e820ceed5152900a9e3b43463a602f10c9592206351bdfd75a261f46d44b11ed83abf1c71cef990deb1704cd34a8fbb

  • SSDEEP

    12288:zqnKSufLL3GvJYfS8RRAA9pmpvOMcZKO5ADCdufyty646TqRVcy8P:Ien3GvJYfS8ROFIHZKO5w6mI

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.d8e67cd48357371f2dff8165efc62330.exe

    • Size

      1.1MB

    • MD5

      d8e67cd48357371f2dff8165efc62330

    • SHA1

      fe9da635f3e72e9b44c5b2c926c572efcd8695dd

    • SHA256

      872c5bcbfaf8b013216bc4cff13e8d8492e5377e22d2e9db7be0823abf201b1e

    • SHA512

      dac477e20da79607bf8dbf85a9f5613b9e820ceed5152900a9e3b43463a602f10c9592206351bdfd75a261f46d44b11ed83abf1c71cef990deb1704cd34a8fbb

    • SSDEEP

      12288:zqnKSufLL3GvJYfS8RRAA9pmpvOMcZKO5ADCdufyty646TqRVcy8P:Ien3GvJYfS8ROFIHZKO5w6mI

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks