General
- Target: God of War.exe
- Size: 1.2MB
- Sample: 220127-ltcqasafej
- MD5: 484c3ab4ae2795dce03be108c01ea316
- SHA1: 459b95db4341640c1c249bce55e74a39e256e2d4
- SHA256: 82b844c1e452640ba4bf4ef2ec6187d16673b3113af6a92ac684ca3ba6a82859
- SHA512: 956ebe3f1ddfb4aa565ccddf00184f787592b22aa548cdc82391bf1233b8ccd707aa90e6b9e73b42b28a9ddc637ca3ce79e070319445d35bcec907ae30477059
Static task: static1
Behavioral task: behavioral1
- Sample: God of War.exe
- Resource: win7-en-20211208
Behavioral task: behavioral2
- Sample: God of War.exe
- Resource: win10-en-20211208
Malware Config
- Extracted: redline, 5.206.227.246:80
- Extracted: redline, cheat, 185.253.7.41:49508
Targets
- Target: God of War.exe
- Score: 10/10
- RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- suricata: ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01
- suricata: ET MALWARE JS/Nemucod.M.gen downloading EXE payload
- Downloads MZ/PE file
- Executes dropped EXE
- Suspicious use of SetThreadContext