General
- Target: NEAS.52d1938876b139495012d8ea465a5790_JC.exe
- Size: 1.1MB
- Sample: 231103-yb36rahc4t
- MD5: 52d1938876b139495012d8ea465a5790
- SHA1: cb2ba2bf8df6606b2cb75e9ca77351d9a00be85a
- SHA256: ad58f4472d5951384b4340718b91ea8c07990610ac58407701eed09fbe81eea9
- SHA512: c7ab52a9967827c9a80733db8264bd63709381452f72f5d735472a83c6e342fb178a79c9042b003ec608fbe4e98dff9eb06cd4a1d288d5700b510153af6b567e
- SSDEEP: 12288:EfdijmtwkTo7a0dmAmUf+8/SiEBIZHvmfWmqgPu+C89SqTB/PZ6UWXJU5PVPcHua:El8mtwkTo7a0d/55/ScZ36DNB/BOXqV

Static task
- static1

Behavioral task
- behavioral1
- Sample: NEAS.52d1938876b139495012d8ea465a5790_JC.exe
- Resource: win7-20231025-en

Behavioral task
- behavioral2
- Sample: NEAS.52d1938876b139495012d8ea465a5790_JC.exe
- Resource: win10v2004-20231020-en

Malware Config
Extracted
- Family: redline
- Botnet: grome
- C2: 77.91.124.86:19084

Targets
- Target: NEAS.52d1938876b139495012d8ea465a5790_JC.exe
- Size: 1.1MB
- MD5: 52d1938876b139495012d8ea465a5790
- SHA1: cb2ba2bf8df6606b2cb75e9ca77351d9a00be85a
- SHA256: ad58f4472d5951384b4340718b91ea8c07990610ac58407701eed09fbe81eea9
- SHA512: c7ab52a9967827c9a80733db8264bd63709381452f72f5d735472a83c6e342fb178a79c9042b003ec608fbe4e98dff9eb06cd4a1d288d5700b510153af6b567e
- SSDEEP: 12288:EfdijmtwkTo7a0dmAmUf+8/SiEBIZHvmfWmqgPu+C89SqTB/PZ6UWXJU5PVPcHua:El8mtwkTo7a0d/55/ScZ36DNB/BOXqV
- Score: 10/10

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext