General
Target: 39abc7e51cd24df294743a12613db3d0_NEIKI
Size: 371KB
Sample: 240507-z7wl8abc75
MD5: 39abc7e51cd24df294743a12613db3d0
SHA1: c7487934f9a0ffd8a086e395cb02d4eaadc0bbc5
SHA256: 037e3c0438df3ca6c2ed70f9dd643af405c24f781582d31a3a8a4a1abbb5c3db
SHA512: 2183b2a476af5025aba99be782f13002066ea87031f4f41a65d2ffe845bf4b441955909954bd6a432497cedbb93c64ce589534e4ea005c261d0f4cdd78fdd816
SSDEEP: 6144:sMip0yN90QEQmKItMqxYr0oXTujDKflckhQWecDhmkNt1GGgFe5C6Re0JJv:1y90CSSEloXYDKN/egm+GTFe5F1JN
Static task: static1
Behavioral task: behavioral1
Sample: 39abc7e51cd24df294743a12613db3d0_NEIKI.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
auth_value: 7da4dfa153f2919e617aa016f7c36008
Targets
Target: 39abc7e51cd24df294743a12613db3d0_NEIKI
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application