General
-
Target
Installer Far Cry 6.exe
-
Size
1.7MB
-
Sample
211023-3yffesddhq
-
MD5
bcf6ffd1c6a0a6e972370e03e31b8143
-
SHA1
246b24525d4457e3a5f98475b7ee2c3f0f2128ac
-
SHA256
5357372d858b551ca90eda32f7ce00c85e1894c77cce1a5c1fa0c0dace605d42
-
SHA512
d791622c85ae0c32f53db57556c1ba4ddfa5147032d21f391c7f0eff7b8cef0c356f5d83f48b34d9bed37a10c272b216375a6777e069e0c6efc8b10161a384dc
Static task
static1
Behavioral task
behavioral1
Sample
Installer Far Cry 6.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
Installer Far Cry 6.exe
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
Installer Far Cry 6.exe
-
Size
1.7MB
-
MD5
bcf6ffd1c6a0a6e972370e03e31b8143
-
SHA1
246b24525d4457e3a5f98475b7ee2c3f0f2128ac
-
SHA256
5357372d858b551ca90eda32f7ce00c85e1894c77cce1a5c1fa0c0dace605d42
-
SHA512
d791622c85ae0c32f53db57556c1ba4ddfa5147032d21f391c7f0eff7b8cef0c356f5d83f48b34d9bed37a10c272b216375a6777e069e0c6efc8b10161a384dc
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-