General
Target: NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe
Size: 1.2MB
Sample: 231105-etwd3sag21
MD5: c6e34d6f1de028d83f5e976d18b3b860
SHA1: 242c2ab11ff48f1c693babdf94da2b200bce77ba
SHA256: 5fedf0f70e45f838eb5dcac716ed9270a8e1381ef2bd954ca4a2ff6d38501b62
SHA512: 5765e130fd9ed99fae133091540f95dab37e749f5825bf06ebdeab71cab367ee337db67515106607416c6eabccd85c5d1051735f8923183c3a11f96741d0cf46
SSDEEP: 24576:e4D/HgLyvx9JyZbaBsDgFv9sTpyghBoCrVmDk:j3x9JyZIvy4ghBjV4
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target: NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext