General
Target
NEAS.c17d68ece483d106c0d9862088517c10.exe
Size
1.2MB
Sample
231110-gvk1vaea46
MD5
c17d68ece483d106c0d9862088517c10
SHA1
7824af01ad4670283b10ee01178d3776801e365b
SHA256
680df8f5d8c9780349bfe53afc4ed45c33dcf00030f06aa165d870ac9701b180
SHA512
31dab7403c9ae4aa8b7209ca4849b7b25f727c224f5d9b79fac03297df63f381ff976af19cba637de57fa8c79c63d1a8b6237cc04cc9fc40a444af5873fc7561
SSDEEP
12288:WbcDaI2dAilhotf+BVv/rqlHYBPXVqrbmxoRj3cs5R7Ju9cdT7HGeAeJXdIn1:zDF2dAiItf+BVHjcIoRj3csPJ
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.c17d68ece483d106c0d9862088517c10.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.c17d68ece483d106c0d9862088517c10.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
grome
77.91.124.86:19084
Targets
Target
NEAS.c17d68ece483d106c0d9862088517c10.exe
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext