Overview

overview

10

Static

static

3

NEAS.23dfd...JC.exe

windows7-x64

10

NEAS.23dfd...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe

  • Size

    1.2MB

  • Sample

    231104-mtncgaad23

  • MD5

    23dfdf77e8606a7e40d56ebf332cd110

  • SHA1

    8adcd94bbd07cfea07416fbcce5b58e6b557bce3

  • SHA256

    6e6b20f965fdd9d0836ab01a2f1c2416930f32a8418f2eb99cf8a63fc3dd02ec

  • SHA512

    0de3e43c032a15188080504867eea8ace4498342a4b9cdcf248c4e5e759389d10f18afe09f7c2de147bf687628211d400933b08b674c120ee350143fdde8b52f

  • SSDEEP

    12288:dbc4HI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTrukWZPzL:24o2dAiItf+BVHjcIoRj3csPOkWZP

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.23dfdf77e8606a7e40d56ebf332cd110_JC.exe

    • Size

      1.2MB

    • MD5

      23dfdf77e8606a7e40d56ebf332cd110

    • SHA1

      8adcd94bbd07cfea07416fbcce5b58e6b557bce3

    • SHA256

      6e6b20f965fdd9d0836ab01a2f1c2416930f32a8418f2eb99cf8a63fc3dd02ec

    • SHA512

      0de3e43c032a15188080504867eea8ace4498342a4b9cdcf248c4e5e759389d10f18afe09f7c2de147bf687628211d400933b08b674c120ee350143fdde8b52f

    • SSDEEP

      12288:dbc4HI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdTrukWZPzL:24o2dAiItf+BVHjcIoRj3csPOkWZP

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks