General
Target
NEAS.01f4ec9bb9b636771f980257f0e95ce0.exe
Size
1.2MB
Sample
231109-zbd3asdd71
MD5
01f4ec9bb9b636771f980257f0e95ce0
SHA1
253a447bceaac7ca52fdc1979271a8667a39d598
SHA256
4b36032c75e8fffce996f816e2401f50bb143236f8bec6296a074f9001e6f78d
SHA512
a7544ab66c4df3782fb57b881e1e254ad235e70b31c0ea2b4187767feec4b55bbce94a224c5a6fa1408e71a7c3d8807e1a2e6ead1343204b1f6f344b42d78ff8
SSDEEP
24576:KC52dAiItf+BVHjcIoRj3csPnDPQRrCY:CItf+BVAIwPfURrCY
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.01f4ec9bb9b636771f980257f0e95ce0.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.01f4ec9bb9b636771f980257f0e95ce0.exe
Resource
win10v2004-20231025-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext