General
-
Target
3eda6df330d608484f716e432916c740_NeikiAnalytics.exe
-
Size
273KB
-
Sample
240523-lhk8asca7x
-
MD5
3eda6df330d608484f716e432916c740
-
SHA1
97487fafd10dd336a0da86916e298899f366a293
-
SHA256
084d3c561410dc20876e39edf12c2450a0034c03a4f439c6497196e55e69812d
-
SHA512
ed87058d1f93643be58347cc3a3765fa296cd3648df24ed49e856600c70b99b4485fc8c25808a86d8c9412a072610facd53da90dc72fda466b14fdac04da298b
-
SSDEEP
6144:Mf4v7rRV5m0FGj3mvwRK6SL2rGGgR60Ci0Za6n:Xv7rX7wC2r1x0+Fn
Malware Config
Extracted
redline
5345987420
https://pastebin.com/raw/NgsUAPya
Targets
-
-
Target
3eda6df330d608484f716e432916c740_NeikiAnalytics.exe
-
Size
273KB
-
MD5
3eda6df330d608484f716e432916c740
-
SHA1
97487fafd10dd336a0da86916e298899f366a293
-
SHA256
084d3c561410dc20876e39edf12c2450a0034c03a4f439c6497196e55e69812d
-
SHA512
ed87058d1f93643be58347cc3a3765fa296cd3648df24ed49e856600c70b99b4485fc8c25808a86d8c9412a072610facd53da90dc72fda466b14fdac04da298b
-
SSDEEP
6144:Mf4v7rRV5m0FGj3mvwRK6SL2rGGgR60Ci0Za6n:Xv7rX7wC2r1x0+Fn
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-