General
Target: NEAS.3d4bc3fa81cfc8709dc40c36038d6e40.exe
Size: 1.1MB
Sample: 231103-qf9v4adb79
MD5: 3d4bc3fa81cfc8709dc40c36038d6e40
SHA1: b6cf8884930b3becd4a29fc6c9590f09b7dd62bf
SHA256: f6e08651248b32c64760d7c25c59715bd3f93b9797429cb4e4cb034e3f9efdf5
SHA512: 8bc260a13c99d6659a5a6593aef84a3cbba7add074e345bf96ab2d194ed0ba523ee2a73069ad4ec154cdf7a592f3d126c0d759651c6a3c954c08ba8080ac4fc4
SSDEEP: 24576:LGQ3GvJYfS8R+2oHZKO5CqbcULTnKB2LU:GYfS8RloHiMcY62

Static task: static1

Behavioral task: behavioral1
Sample: NEAS.3d4bc3fa81cfc8709dc40c36038d6e40.exe
Resource: win7-20231023-en

Behavioral task: behavioral2
Sample: NEAS.3d4bc3fa81cfc8709dc40c36038d6e40.exe
Resource: win10v2004-20231025-en

Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Suspicious use of SetThreadContext