General
Target: Mopes Hack.exe
Size: 326KB
Sample: 211015-1saa4scchp
MD5: 83e60135c26872fa756fcb26553be6cb
SHA1: 3df616b4b4df6faba9373f78dac9a277c07cb26a
SHA256: e4331c8eab3a20db74f66603fac6ff6a3faca677176a4015dea2a4665fb3f13f
SHA512: 10834fa839db185629dfce92da2334d4c69dc05041ee045c08610085febeebac054f6c5b64e5a1e259ca06144e6bdc0a91a56acbba130dd6e0aeeb8cfbb67b26
Static task: static1
Behavioral task: behavioral1
Sample: Mopes Hack.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: Mopes Hack.exe
Resource: win10-en-20210920
Malware Config
Extracted
redline
@silistrii_LZT
arujuyrana.xyz:80
Targets
Target: Mopes Hack.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Suspicious use of NtCreateProcessExOtherParentProcess
- Suspicious use of SetThreadContext