General
-
Target
NEAS.d8e67cd48357371f2dff8165efc62330.exe
-
Size
1.1MB
-
Sample
231103-pab67saa4v
-
MD5
d8e67cd48357371f2dff8165efc62330
-
SHA1
fe9da635f3e72e9b44c5b2c926c572efcd8695dd
-
SHA256
872c5bcbfaf8b013216bc4cff13e8d8492e5377e22d2e9db7be0823abf201b1e
-
SHA512
dac477e20da79607bf8dbf85a9f5613b9e820ceed5152900a9e3b43463a602f10c9592206351bdfd75a261f46d44b11ed83abf1c71cef990deb1704cd34a8fbb
-
SSDEEP
12288:zqnKSufLL3GvJYfS8RRAA9pmpvOMcZKO5ADCdufyty646TqRVcy8P:Ien3GvJYfS8ROFIHZKO5w6mI
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.d8e67cd48357371f2dff8165efc62330.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.d8e67cd48357371f2dff8165efc62330.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.d8e67cd48357371f2dff8165efc62330.exe
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-