General
-
Target
NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe
-
Size
1.2MB
-
Sample
231104-mtncgaad23
-
MD5
23dfdf77e8606a7e40d56ebf332cd110
-
SHA1
8adcd94bbd07cfea07416fbcce5b58e6b557bce3
-
SHA256
6e6b20f965fdd9d0836ab01a2f1c2416930f32a8418f2eb99cf8a63fc3dd02ec
-
SHA512
0de3e43c032a15188080504867eea8ace4498342a4b9cdcf248c4e5e759389d10f18afe09f7c2de147bf687628211d400933b08b674c120ee350143fdde8b52f
-
SSDEEP
12288:dbc4HI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTrukWZPzL:24o2dAiItf+BVHjcIoRj3csPOkWZP
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe
Resource
win10v2004-20231025-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe
-
Size
1.2MB
-
MD5
23dfdf77e8606a7e40d56ebf332cd110
-
SHA1
8adcd94bbd07cfea07416fbcce5b58e6b557bce3
-
SHA256
6e6b20f965fdd9d0836ab01a2f1c2416930f32a8418f2eb99cf8a63fc3dd02ec
-
SHA512
0de3e43c032a15188080504867eea8ace4498342a4b9cdcf248c4e5e759389d10f18afe09f7c2de147bf687628211d400933b08b674c120ee350143fdde8b52f
-
SSDEEP
12288:dbc4HI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTrukWZPzL:24o2dAiItf+BVHjcIoRj3csPOkWZP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-