General
Target: c73beae6293b678aa56151711c305b70_NeikiAnalytics.exe
Size: 753KB
Sample: 240519-qhw21sac9s
MD5: c73beae6293b678aa56151711c305b70
SHA1: b8fa8a4926ae4057ff977511633f3e894706d7da
SHA256: 97c70d1d24f2729a4381dc6e5ab2708f831dccc13c3a06c9ea2bec12d76ccadc
SHA512: 4a61f95060899a7205f447263b38a21bd22e7bc91d88f054b5b7da74db6d40d0fb1942872a71b4a0c8bb1321541da074a6f1076899d5a1675553ddffc0f56571
SSDEEP: 12288:jMrZy90ikwlWvJSeo+P0T6Q3h2LaDaSO7ytJF+AgLk1eDsrap7JHjYrqDN:uydkw8SeIoCaSO7ytJF2h7J8uZ
Static task: static1
Behavioral task: behavioral1
Sample: c73beae6293b678aa56151711c305b70_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
motor
185.161.248.75:4132
auth_value: ec19ab9989a783983c5cbbc0e5ac4a5f
Targets
Target: c73beae6293b678aa56151711c305b70_NeikiAnalytics.exe
Size: 753KB
MD5: c73beae6293b678aa56151711c305b70
SHA1: b8fa8a4926ae4057ff977511633f3e894706d7da
SHA256: 97c70d1d24f2729a4381dc6e5ab2708f831dccc13c3a06c9ea2bec12d76ccadc
SHA512: 4a61f95060899a7205f447263b38a21bd22e7bc91d88f054b5b7da74db6d40d0fb1942872a71b4a0c8bb1321541da074a6f1076899d5a1675553ddffc0f56571
SSDEEP: 12288:jMrZy90ikwlWvJSeo+P0T6Q3h2LaDaSO7ytJF+AgLk1eDsrap7JHjYrqDN:uydkw8SeIoCaSO7ytJF2h7J8uZ
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)