General
-
Target
NEAS.1e9f763065dfdcfc040a51d178a11db0_JC.exe
-
Size
1.2MB
-
Sample
231104-mmkm1aab35
-
MD5
1e9f763065dfdcfc040a51d178a11db0
-
SHA1
db5a64febc5220472d75720df80d1bf6431b0e9f
-
SHA256
d3629b6e9a291ce3f375c995eb16be7f122bfa705c9e0185851ce52efbf53921
-
SHA512
5d70b5ef00ccdaf283304dd1a3aae4c25b1457adc3e2a6b957bc2c673fda32201c18faff564b7c1ada399ea910f6b6d81ef7c4e0425a96306190653b26e4ecfe
-
SSDEEP
12288:pbchII2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTuwEytz94UHjyoFz:ChX2dAiItf+BVHjcIoRj3csPRfH9
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.1e9f763065dfdcfc040a51d178a11db0_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.1e9f763065dfdcfc040a51d178a11db0_JC.exe
Resource
win10v2004-20231025-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.1e9f763065dfdcfc040a51d178a11db0_JC.exe
-
Size
1.2MB
-
MD5
1e9f763065dfdcfc040a51d178a11db0
-
SHA1
db5a64febc5220472d75720df80d1bf6431b0e9f
-
SHA256
d3629b6e9a291ce3f375c995eb16be7f122bfa705c9e0185851ce52efbf53921
-
SHA512
5d70b5ef00ccdaf283304dd1a3aae4c25b1457adc3e2a6b957bc2c673fda32201c18faff564b7c1ada399ea910f6b6d81ef7c4e0425a96306190653b26e4ecfe
-
SSDEEP
12288:pbchII2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTuwEytz94UHjyoFz:ChX2dAiItf+BVHjcIoRj3csPRfH9
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-