General
-
Target
NEAS.1487de5d5c7e83b0dfdcf08e746fcdc0.exe
-
Size
1.2MB
-
Sample
231104-jry5eadc2z
-
MD5
1487de5d5c7e83b0dfdcf08e746fcdc0
-
SHA1
63856fc51f3c793590431664bd89afeefed892be
-
SHA256
92f5df0a41b5132c990b5923d29ddd750f5e91b4b4d8366fb0afb2c9bc3c4660
-
SHA512
9ca2e33d4077bf0401115f9e2b4142f45d392474456644c886ffbfdea621391b284c0872e7af035b62355a3eee67ed9307d25cea4864292bc6fc4da8749034b6
-
SSDEEP
12288:kbcelI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTEDTkcoeg6KT:xeq2dAiItf+BVHjcIoRj3csPKkcoeg
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.1487de5d5c7e83b0dfdcf08e746fcdc0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.1487de5d5c7e83b0dfdcf08e746fcdc0.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.1487de5d5c7e83b0dfdcf08e746fcdc0.exe
-
Size
1.2MB
-
MD5
1487de5d5c7e83b0dfdcf08e746fcdc0
-
SHA1
63856fc51f3c793590431664bd89afeefed892be
-
SHA256
92f5df0a41b5132c990b5923d29ddd750f5e91b4b4d8366fb0afb2c9bc3c4660
-
SHA512
9ca2e33d4077bf0401115f9e2b4142f45d392474456644c886ffbfdea621391b284c0872e7af035b62355a3eee67ed9307d25cea4864292bc6fc4da8749034b6
-
SSDEEP
12288:kbcelI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTEDTkcoeg6KT:xeq2dAiItf+BVHjcIoRj3csPKkcoeg
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-