Overview

overview

10

Static

static

3

NEAS.c6e34...JC.exe

windows7-x64

10

NEAS.c6e34...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe

  • Size

    1.2MB

  • Sample

    231105-etwd3sag21

  • MD5

    c6e34d6f1de028d83f5e976d18b3b860

  • SHA1

    242c2ab11ff48f1c693babdf94da2b200bce77ba

  • SHA256

    5fedf0f70e45f838eb5dcac716ed9270a8e1381ef2bd954ca4a2ff6d38501b62

  • SHA512

    5765e130fd9ed99fae133091540f95dab37e749f5825bf06ebdeab71cab367ee337db67515106607416c6eabccd85c5d1051735f8923183c3a11f96741d0cf46

  • SSDEEP

    24576:e4D/HgLyvx9JyZbaBsDgFv9sTpyghBoCrVmDk:j3x9JyZIvy4ghBjV4

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.c6e34d6f1de028d83f5e976d18b3b860_JC.exe

    • Size

      1.2MB

    • MD5

      c6e34d6f1de028d83f5e976d18b3b860

    • SHA1

      242c2ab11ff48f1c693babdf94da2b200bce77ba

    • SHA256

      5fedf0f70e45f838eb5dcac716ed9270a8e1381ef2bd954ca4a2ff6d38501b62

    • SHA512

      5765e130fd9ed99fae133091540f95dab37e749f5825bf06ebdeab71cab367ee337db67515106607416c6eabccd85c5d1051735f8923183c3a11f96741d0cf46

    • SSDEEP

      24576:e4D/HgLyvx9JyZbaBsDgFv9sTpyghBoCrVmDk:j3x9JyZIvy4ghBjV4

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks