General
Target: NEAS.2c383604100c1d03ca1456c0aaa07b40.exe
Size: 1.1MB
Sample: 231105-13gg6sfb73
MD5: 2c383604100c1d03ca1456c0aaa07b40
SHA1: d2d3d0960603af77084fdeaac6050f67af1b32f4
SHA256: 965186287441b3e9f7994cebeb2c7d624b2ddad9ba80b96581cd677fdb1a8277
SHA512: 47c51102f179173cb6e1b909db7d5280968084084d03970830ffc50c5789eb7494c8869c6735adaf00357e535c4173fba26fd78ecef097f5e39e0f1f7978a180
SSDEEP: 12288:AN5ujmtwkTo7a0dmgekP+8/SSERIZHqmfWWqg5u+CHuP5khVJ:An4mtwkTo7a0dfR5/S8ZWq3P50
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.2c383604100c1d03ca1456c0aaa07b40.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.2c383604100c1d03ca1456c0aaa07b40.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target: NEAS.2c383604100c1d03ca1456c0aaa07b40.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext