General
Target: NEAS.46819249f0bc3715de9c9c4de4e5f0e0_JC.exe
Size: 1.2MB
Sample: 231105-heaqlsdf89
MD5: 46819249f0bc3715de9c9c4de4e5f0e0
SHA1: 581d40b8b930d54dc7bd7f8676a5e1de90ded3e9
SHA256: 17d14f4d949afffd28e80c6995a59ae3b7d4a64a98923c378cd63835d22506a1
SHA512: 2634e4c34cb02e074be27eeab06b1a4b4b1b3f2b9d9b1bde7edad758d24b1770dc53abd83c3e81b58045cff40c24e4c1c5bb769760e734aa8630efdc3500e3be
SSDEEP: 12288:zbctDI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdT2M391aP2Jj1FVR:ct02dAiItf+BVHjcIoRj3csPqP2JL
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.46819249f0bc3715de9c9c4de4e5f0e0_JC.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.46819249f0bc3715de9c9c4de4e5f0e0_JC.exe
Resource: win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target: NEAS.46819249f0bc3715de9c9c4de4e5f0e0_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext