Overview

overview

10

Static

static

3

NEAS.05245...JC.exe

windows7-x64

10

NEAS.05245...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe

  • Size

    1.1MB

  • Sample

    231103-yr43zsbf93

  • MD5

    0524539fe0129f73f2b79bbb659d4b00

  • SHA1

    4d41eef41f2f680ceaa8617a780d271e0ad996d8

  • SHA256

    87d40b7596d53e23a5a72287151b1595570905da77a983555ec19fd1a26d9702

  • SHA512

    68691472a8d4a8954b39a864c4ba1b50c5f1562d31719f3e2e137bba1a10c374433f429ab929ca61f291178fe20869c5b627b4855d3ec99faf847e5b89e22436

  • SSDEEP

    24576:csp3GvJYfS8R+2oHZKO5P9Nq3K7hPrqx4:+YfS8RloHv9n

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe

    • Size

      1.1MB

    • MD5

      0524539fe0129f73f2b79bbb659d4b00

    • SHA1

      4d41eef41f2f680ceaa8617a780d271e0ad996d8

    • SHA256

      87d40b7596d53e23a5a72287151b1595570905da77a983555ec19fd1a26d9702

    • SHA512

      68691472a8d4a8954b39a864c4ba1b50c5f1562d31719f3e2e137bba1a10c374433f429ab929ca61f291178fe20869c5b627b4855d3ec99faf847e5b89e22436

    • SSDEEP

      24576:csp3GvJYfS8R+2oHZKO5P9Nq3K7hPrqx4:+YfS8RloHv9n

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks