Overview

overview

10

Static

static

3

NEAS.762af...JC.exe

windows7-x64

10

NEAS.762af...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.762af3bc67019d7015a6e75ad313e950_JC.exe

  • Size

    1.1MB

  • Sample

    231105-v8ac6abd66

  • MD5

    762af3bc67019d7015a6e75ad313e950

  • SHA1

    27fa0b3e1b2de8863c4921429a0b58dbc7ab3cc0

  • SHA256

    39a35f13394dadbeab6e10d0f929810ff2a3a71b5619fd259ff2cd2e61b214a3

  • SHA512

    b7917c7b107fbdaf329087cf1b43eda234e6767860dfb2971274c6201e1e0771abf9ec2be2f20ef48fd83fe2ad1c26e213ab0ec8d62de410db530a9f025b9626

  • SSDEEP

    12288:7tRtKeyqA3Gvsu+PTBTF8nV8C/oCagUUGWIQufymy3bUYIrZW2b0:ZPK53Gvsu+PTBhOlagUU+rZW6

Score
10/10
redlinegromeinfostealer

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Targets

    • Target

      NEAS.762af3bc67019d7015a6e75ad313e950_JC.exe

    • Size

      1.1MB

    • MD5

      762af3bc67019d7015a6e75ad313e950

    • SHA1

      27fa0b3e1b2de8863c4921429a0b58dbc7ab3cc0

    • SHA256

      39a35f13394dadbeab6e10d0f929810ff2a3a71b5619fd259ff2cd2e61b214a3

    • SHA512

      b7917c7b107fbdaf329087cf1b43eda234e6767860dfb2971274c6201e1e0771abf9ec2be2f20ef48fd83fe2ad1c26e213ab0ec8d62de410db530a9f025b9626

    • SSDEEP

      12288:7tRtKeyqA3Gvsu+PTBTF8nV8C/oCagUUGWIQufymy3bUYIrZW2b0:ZPK53Gvsu+PTBhOlagUU+rZW6

    Score
    10/10
    redlinegromeinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks