General
- Target: injector.zip
- Size: 5.7MB
- Sample: 210715-hdbmqll9yj
- MD5: 429b49343c83087287faba8dd4d57c11
- SHA1: ee87878c2292af1d7a71129baa91bc356f57efa0
- SHA256: 1e5acd9ae46d8522885ed418f362d0e4e5348b493ff8437d635e360c7f00aef1
- SHA512: 0cb9030df494943019334fd8b366159b45868d9ceba78a3f519fbd40e494c465541e5443062dd631a38318213a3d9d9f0ddeae1c06125ff56c8ef2c68f867b4d
Static task
- static1
Behavioral tasks
- behavioral1: sample injector.exe, resource win7v20210410
- behavioral2: sample injector.exe, resource win10v20210410
- behavioral3: sample platforms/qwindows.dll, resource win7v20210410
- behavioral4: sample platforms/qwindows.dll, resource win10v20210408
- behavioral5: sample updater.ini.jpg, resource win7v20210410
- behavioral6: sample updater.ini.jpg, resource win10v20210408
Malware Config
- Extracted: redline
- @design_stalkar
- 185.186.142.83:29867
Targets
Target: injector.exe
- Size: 464KB
- MD5: 17cdde0e896e4a1bf5d8b376346c4d40
- SHA1: 6a1a5d06a351a23571d436c5f480fc6c0bf2267b
- SHA256: 33358691144fd04943b0de774643ba673448b6d7e616d482beb5200d09f9beeb
- SHA512: 43aa0de352de5930434951e6f79aa6f0175bc779858818aac0fc407e8dfcf4712df5d0bbea43953291b373ae2fec7ff5b4379f2bf16cf03fc2e3b2daec96c16c
- DcRat: DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Target: platforms/qwindows.dll
- Size: 1005KB
- MD5: be068132ece3f794f09c9d6b5ba20b91
- SHA1: 859599fa72d128e33db6fe99ba95a8b63b15cc89
- SHA256: 59dcecb111aa15159414819f4f522e7f90597939cab572b982beebee5dc0efdf
- SHA512: 13829ae9b7bd0cba95800075b24570f3c70a6c4b3d4b3c4da76b0077e37c75194e929d8d56a2db69e22a319ba5077d188a6f3baedd1f69f79979717d6f6d1b6f
- Score: 1/10
Target: updater.ini
- Size: 219KB
- MD5: 12f2bfc50beccac7da7e5bda20038502
- SHA1: 3832254fc525ec0d022b20c55ae819d3d54cef28
- SHA256: d754d33bccde2b2600d052f86afadea348f6a7171561dcd9906800bbab48cfd9
- SHA512: b43f43733dc394df4ea5c59483e87b0b085a7eee74986c8543b8cf1e4a2e76d5fd89b523d376569380d83a4e16a845f39088ca2f348f2168861962692eb8439f
- Score: 3/10