General
- Target: LarvaLabsWallet.rar
- Size: 4.8MB
- Sample: 211216-tnvmxsdbcn
- MD5: e6d23fbd6a4e6addb1fa8c2622dfa9b9
- SHA1: f02158e2cd9fce8ed5d09843ea03a8ffbe950816
- SHA256: bf81fbbc09954cde0f6883a4f983b8f9623a9e126a242dacf7afeafcd156679d
- SHA512: 26a5d654dde84467ea541e9e8182d94017f276a361dc09b3fb749ae32cd30377b78bad99f6b553da6dc7341f676f88c132d0c934d5ddd344bd5e609a37557ebc
Behavioral tasks
- behavioral1: LarvaLabsWallet Launcher.exe (resource: win7-en-20211208)
- behavioral2: LarvaLabsWallet Launcher.exe (resource: win10-en-20211208)
- behavioral3: ROGAIOSDK.dll (resource: win7-en-20211208)
- behavioral4: ROGAIOSDK.dll (resource: win10-en-20211208)
- behavioral5: RofPaketsoka.dll (resource: win7-en-20211208)
- behavioral6: RofPaketsoka.dll (resource: win10-en-20211208)
- behavioral7: ssleay32.dll (resource: win7-en-20211208)
- behavioral8: ssleay32.dll (resource: win10-en-20211208)
- behavioral9: storarc.dll (resource: win7-en-20211208)
- behavioral10: storarc.dll (resource: win10-en-20211208)
- behavioral11: storelib.dll (resource: win7-en-20211208)
- behavioral12: storelib.dll (resource: win10-en-20211208)
- behavioral13: storelibir-2.dll (resource: win7-en-20211208)
- behavioral14: storelibir-2.dll (resource: win10-en-20211208)
Malware Config

Targets

Target: LarvaLabsWallet Launcher.exe
- Size: 323.2MB
- MD5: b18eaff37a9918535852c276a9f5f409
- SHA1: e97ec59bec67c561774bc34b7275b5b644ff4864
- SHA256: 09383bbfa1491809d7d427c540221488ecc891196da1ce134fe5f145f8734abe
- SHA512: 2b5a822481b827a2eb6190812ff08ec79ade534a52221806b741d9b3ee9086e3e4bff8be85ad70dd0cd942a519ff1f5bf0406f8b046f3f80d5221a5a4627b92a
- Score: 10/10
- Signatures:
  - RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  - RedLine Payload
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
  - Suspicious use of NtSetInformationThreadHideFromDebugger

Target: ROGAIOSDK.dll
- Size: 334KB
- MD5: ec24f3bce34b05b38c79627e93b432c4
- SHA1: a2998092e224cf534728aeb88a523c82f6c041f9
- SHA256: 9699430ac09901f40e7b08d892b185959803a4a61fa0ec2e4e17b3ce48b78f28
- SHA512: 0a8d192bb12ade70ee71abaef37221b3adfa46c940b5e6668fad96cc1274eff27330f515acfc5e46358a7042ad446523989906a5ee077059016ce5588668bbfa
- Score: 3/10

Target: RofPaketsoka.dll
- Size: 260KB
- MD5: bc65564fe8430d684cc54b5c1ab8f012
- SHA1: b75e38d7dd58f351bfb2d64333f6bafa20d2f199
- SHA256: f2871ca7c3a685006df8d50ce7707a0eb2850e0c9de74c2a3c19c3693623bef8
- SHA512: 2ef56b15f12f717541c81e988e400c1e2b8ffe1bb650415f89e425aad5a1ad413182357c4a427b7ba94351433e7bc2a5f5962f584235de7417f099c7ff5baed4
- Score: 3/10

Target: ssleay32.dll
- Size: 160KB
- MD5: 90c56365f4f7b10c7cd79d109202a9f9
- SHA1: 41c3189dd7b95da8f83543cc35bba4393072d410
- SHA256: ea841a1081508db0599d8e8a418af9af905481d392d7225ca8577f991233b5d6
- SHA512: fafe4a2b67727ca7eeb635772fe790493586ca65b1561e69168e315622150fe1d61579e59758a1e262fdf72da191b36ac784b1f24690d867177ecc5dc93ac3ec
- Score: 1/10

Target: storarc.dll
- Size: 1.2MB
- MD5: 7ee1cd11cb173f645193daca84fed75f
- SHA1: 8b9e1c436edd73484bd72928291673f12ee35a8e
- SHA256: e454c80f160ba96b276308b27aae8c63b5540a06032ed7b6c981034722597ba7
- SHA512: 6ddd5a76d80907cbb8db778f7aad6621c3d81529c7c054e6e154d3adb8cb65b0a9350d3d1e6f6dffc7e07086a9cc9c69a0d360fc10743f0cfd4a875ad6642e8d
- Score: 1/10

Target: storelib.dll
- Size: 160KB
- MD5: 56dd65c393317f224a03a42bf7ac39f2
- SHA1: d8921bc17fe0a6b974258f1055f0738b4a7ba8e4
- SHA256: e297ad34b4deae7d030aaa0ddd8935675988e0cb2b4e71d481bf57ac05bc66d6
- SHA512: ce18b16abe4d89c50cc195e6f801f6ccfe52564bf08eab25f485456c66aa237e382d9ad62c26460d86f66f5a15d1a1640c13cb1f592d416758781e903ab1c302
- Score: 3/10

Target: storelibir-2.dll
- Size: 276KB
- MD5: a0656d35a382b58c75cb9fb3f5388f35
- SHA1: f4da2119c184a5fbf2d7233bd3d7352fecfb50e2
- SHA256: 1fb68c58d9764fc0327de464152274044cb5664e6a3d3881ca1ce562e7fe59f3
- SHA512: d0509c71073d1f55b5c5c485e2743f5ce8ff0042524d80d8e6e5cddea4ed4e59ad199963d5548b99d9eb646bd9d1abe45fb0d0add63ba0e427ceec2ac34bcb25
- Score: 3/10