General
Target: Marc O'Polo New Collection Promotion.zip
Size: 30.3MB
Sample: 220405-wyt59abce2
MD5: c063648dafa7d09b61f0bda8d7ed979a
SHA1: 84cc89424b5068c3c99bf3279a103288c5f4a900
SHA256: 511a8d59afce7a05f1ddfefcb79f954b01514fe4546c8e4f5b0c7485d691cba0
SHA512: 2993e65649f1f7e0bad346f588112883496a4ac450f8be3d0f63e519e9a029a88a44b564a7f80566f22d2263ba89182c1bfc364868f6d994eee92c42fb179ac0
Behavioral task behavioral1
Sample: Barter Agreement.pdf
Resource: win7-20220331-en

Behavioral task behavioral2
Sample: Barter Agreement.pdf
Resource: win10v2004-20220331-en

Behavioral task behavioral3
Sample: License agreement.docx.exe
Resource: win7-20220331-en

Behavioral task behavioral4
Sample: License agreement.docx.exe
Resource: win10v2004-20220331-en

Behavioral task behavioral5
Sample: MARC O'POLO - IT'S ON US - SUMMER 2022 BIGGEST PRESENTATION.mp4.scr
Resource: win7-20220331-en

Behavioral task behavioral6
Sample: MARC O'POLO - IT'S ON US - SUMMER 2022 BIGGEST PRESENTATION.mp4.scr
Resource: win10v2004-20220331-en
Malware Config

Targets

Target: Barter Agreement.pdf.pdf
Size: 131KB
MD5: fcd49eb302427fdcb72d1c11671759ba
SHA1: 00d93fdd3990930803c0b2df3eafe1ea281bf63a
SHA256: 774f383d4a550810c42eb08f20f35d72845e964bffe7e789687272a2fb023124
SHA512: d94eda17c75197547cfb53062c370a10d76167a8426b62611511e0cc5c3a0020e05908fc102cb61bbc5d2c77e9ff855ffc584e3df535a59ef97c567d88e4d71f
Score: 1/10

Target: License agreement.docx.exe
Size: 351.8MB
MD5: 5390609abb3087a7f176114cbf0515f4
SHA1: c8c7b7dd7b937396c66ebbf5003c1b6be9ba445d
SHA256: 15966c883691020a203fa4fee9f5826fac8473c9330c38e9121e686d16b2bb28
SHA512: 829f5628d20d26ef8dd8284aea195293c89ee5c364bea94d06de80f268921207f110614dab764ae3a0b72a200ca57701dc205c67690692fc49adb162edc0358a
Score: 10/10
Signatures:
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: MARC O'POLO - IT'S ON US - SUMMER 2022 BIGGEST PRESENTATION.mp4.scr
Size: 351.8MB
MD5: cf8b5ad990de4131d2abee8b8dda6fa5
SHA1: 0e37b1b28d2122137059c9baae440bf4b2df00af
SHA256: 2f585fa2c9a2910cc54d9d2312ee941242b87011d21c19f2d894e093976340b6
SHA512: 725d66114321e2fd8f4dc65d0dae7138a7df0df37e028fb4d10df7b99abd548d3517aaf7bd68f9b735f66df8f8530a38844db5177ee0f1e2cc66c4ea60a0e94d
Score: 10/10
Signatures:
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
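A first pass an analyst would run on this archive before detonation, based on what the listing itself shows: the two RedLine payloads carry document and media decoy extensions in front of an executable one (.docx.exe, .mp4.scr), and each is 351.8MB yet the whole ZIP is 30.3MB, which only works if the binaries are padded with highly compressible filler (a common way to push a sample past sandbox and antivirus upload limits). The script below flags disguised executables, flags members whose uncompressed size is far above their compressed size, and matches member SHA-256 values against the hashes listed in the Targets section. It is an added example, not code from the sandbox report; the size and ratio thresholds are assumptions, and the ZIP it builds contains constructed dummy members that reuse the report's filenames, so the report's hashes will not match them.

```python
"""Triage the members of a suspicious ZIP: disguised executables, padded binaries,
and known-bad hashes. Added example, not code from the sandbox report."""
import hashlib
import io
import zipfile

# SHA-256 values copied from the report's Targets section.
KNOWN_BAD_SHA256 = {
    "774f383d4a550810c42eb08f20f35d72845e964bffe7e789687272a2fb023124":
        "Barter Agreement.pdf.pdf (score 1/10)",
    "15966c883691020a203fa4fee9f5826fac8473c9330c38e9121e686d16b2bb28":
        "License agreement.docx.exe (RedLine)",
    "2f585fa2c9a2910cc54d9d2312ee941242b87011d21c19f2d894e093976340b6":
        "MARC O'POLO ... PRESENTATION.mp4.scr (RedLine)",
}

# Extensions Windows will execute, and document/media extensions that are
# commonly placed in front of them to disguise a payload.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js",
                   ".vbs", ".hta", ".lnk", ".msi", ".dll"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx",
              ".mp4", ".jpg", ".png", ".txt"}

# Thresholds are assumptions chosen for this example, not values from the report.
BLOAT_SIZE_BYTES = 64 * 1024 * 1024  # uncompressed size above which padding is suspected
BLOAT_RATIO = 20.0                   # uncompressed/compressed ratio that indicates padding


def split_exts(name):
    """Lower-cased extension chain of a member name, e.g. ['.docx', '.exe']."""
    base = name.rsplit("/", 1)[-1]
    parts = base.lower().split(".")
    return ["." + p for p in parts[1:]]


def triage_member(name, file_size, compress_size, sha256):
    """Return the list of findings for one archive member (empty if nothing is flagged)."""
    findings = []
    exts = split_exts(name)
    if exts and exts[-1] in EXECUTABLE_EXTS:
        findings.append("executable_extension:" + exts[-1])
        if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
            findings.append("double_extension:" + exts[-2] + exts[-1])
    if (file_size >= BLOAT_SIZE_BYTES and compress_size > 0
            and file_size / compress_size >= BLOAT_RATIO):
        findings.append("bloated_binary:ratio=%d" % (file_size // compress_size))
    if sha256 in KNOWN_BAD_SHA256:
        findings.append("known_bad:" + KNOWN_BAD_SHA256[sha256])
    return findings


def triage_zip(data):
    """Hash and triage every file in a ZIP given as bytes; returns {member_name: findings}."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            digest = hashlib.sha256()
            # Stream the member so a padded multi-hundred-MB binary is never held in memory whole.
            with zf.open(info) as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            report[info.filename] = triage_member(
                info.filename, info.file_size, info.compress_size, digest.hexdigest())
    return report


def build_sample_zip():
    """Constructed stand-in for the archive: the report's member names with dummy bodies.
    The two 'executables' are zero-padded so they compress almost to nothing, mimicking
    the 351.8MB-inside-a-30.3MB-ZIP pattern in the report."""
    padded = b"MZ" + b"\x00" * BLOAT_SIZE_BYTES
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Barter Agreement.pdf", b"%PDF-1.4 constructed harmless stand-in")
        zf.writestr("License agreement.docx.exe", padded)
        zf.writestr("MARC O'POLO - IT'S ON US - SUMMER 2022 BIGGEST PRESENTATION.mp4.scr", padded)
    return buf.getvalue()


if __name__ == "__main__":
    for member, found in triage_zip(build_sample_zip()).items():
        print("%-70s %s" % (member, ", ".join(found) or "no findings"))
```

Run it against the real archive by replacing build_sample_zip() with the bytes of the ZIP; a member that hits both double_extension and bloated_binary, as the two RedLine droppers here would, is worth detonating in the sandbox even before the hash lookup returns anything.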