General
-
Target
NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe
-
Size
1.1MB
-
Sample
231103-yr43zsbf93
-
MD5
0524539fe0129f73f2b79bbb659d4b00
-
SHA1
4d41eef41f2f680ceaa8617a780d271e0ad996d8
-
SHA256
87d40b7596d53e23a5a72287151b1595570905da77a983555ec19fd1a26d9702
-
SHA512
68691472a8d4a8954b39a864c4ba1b50c5f1562d31719f3e2e137bba1a10c374433f429ab929ca61f291178fe20869c5b627b4855d3ec99faf847e5b89e22436
-
SSDEEP
24576:csp3GvJYfS8R+2oHZKO5P9Nq3K7hPrqx4:+YfS8RloHv9n
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.0524539fe0129f73f2b79bbb659d4b00_JC.exe
-
Size
1.1MB
-
MD5
0524539fe0129f73f2b79bbb659d4b00
-
SHA1
4d41eef41f2f680ceaa8617a780d271e0ad996d8
-
SHA256
87d40b7596d53e23a5a72287151b1595570905da77a983555ec19fd1a26d9702
-
SHA512
68691472a8d4a8954b39a864c4ba1b50c5f1562d31719f3e2e137bba1a10c374433f429ab929ca61f291178fe20869c5b627b4855d3ec99faf847e5b89e22436
-
SSDEEP
24576:csp3GvJYfS8R+2oHZKO5P9Nq3K7hPrqx4:+YfS8RloHv9n
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-