Overview

overview

10

Static

static

3

NEAS.2c383...40.exe

windows7-x64

10

NEAS.2c383...40.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.2c383604100c1d03ca1456c0aaa07b40.exe

  • Size

    1.1MB

  • Sample

    231105-13gg6sfb73

  • MD5

    2c383604100c1d03ca1456c0aaa07b40

  • SHA1

    d2d3d0960603af77084fdeaac6050f67af1b32f4

  • SHA256

    965186287441b3e9f7994cebeb2c7d624b2ddad9ba80b96581cd677fdb1a8277

  • SHA512

    47c51102f179173cb6e1b909db7d5280968084084d03970830ffc50c5789eb7494c8869c6735adaf00357e535c4173fba26fd78ecef097f5e39e0f1f7978a180

  • SSDEEP

    12288:AN5ujmtwkTo7a0dmgekP+8/SSERIZHqmfWWqg5u+CHuP5khVJ:An4mtwkTo7a0dfR5/S8ZWq3P50

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.2c383604100c1d03ca1456c0aaa07b40.exe

    • Size

      1.1MB

    • MD5

      2c383604100c1d03ca1456c0aaa07b40

    • SHA1

      d2d3d0960603af77084fdeaac6050f67af1b32f4

    • SHA256

      965186287441b3e9f7994cebeb2c7d624b2ddad9ba80b96581cd677fdb1a8277

    • SHA512

      47c51102f179173cb6e1b909db7d5280968084084d03970830ffc50c5789eb7494c8869c6735adaf00357e535c4173fba26fd78ecef097f5e39e0f1f7978a180

    • SSDEEP

      12288:AN5ujmtwkTo7a0dmgekP+8/SSERIZHqmfWWqg5u+CHuP5khVJ:An4mtwkTo7a0dfR5/S8ZWq3P50

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks