General
-
Target
NEAS.8530c2a66494217c850c08e82c827830.exe
-
Size
1.2MB
-
Sample
231104-qxc8fscg27
-
MD5
8530c2a66494217c850c08e82c827830
-
SHA1
815f733618725c106c57419c7e442886f2feba6f
-
SHA256
caf195897395918e07ddc9ef0e889c9f33545be81a4ef86c647308c07ba83841
-
SHA512
3615eb7d3c3d8422d705eb12e2f7770e3e0e0993fdd13374e01164eb4efa4e47b36186d0c33e9f28112d7debdbc7519876a9214071307a4216a3ff0ed86f05a0
-
SSDEEP
24576:O40IHgLyqx9JyZbaBsDglv9sTpy+S5BwG:TCx9JyZovy4L5BwG
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.8530c2a66494217c850c08e82c827830.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.8530c2a66494217c850c08e82c827830.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
-
-
Target
NEAS.8530c2a66494217c850c08e82c827830.exe
-
Size
1.2MB
-
MD5
8530c2a66494217c850c08e82c827830
-
SHA1
815f733618725c106c57419c7e442886f2feba6f
-
SHA256
caf195897395918e07ddc9ef0e889c9f33545be81a4ef86c647308c07ba83841
-
SHA512
3615eb7d3c3d8422d705eb12e2f7770e3e0e0993fdd13374e01164eb4efa4e47b36186d0c33e9f28112d7debdbc7519876a9214071307a4216a3ff0ed86f05a0
-
SSDEEP
24576:O40IHgLyqx9JyZbaBsDglv9sTpy+S5BwG:TCx9JyZovy4L5BwG
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-