General
Target: 8c2570eb50280bce1adb969e1f356c60a74e761c561e312747f485cbc1c9840b
Size: 1.1MB
Sample: 220415-kt49wahce5
MD5: 55d1f78cd825fbb30ef8f4abb4973837
SHA1: 1df51f571986225491af34c89fbd3d84b3969d88
SHA256: 8c2570eb50280bce1adb969e1f356c60a74e761c561e312747f485cbc1c9840b
SHA512: 14b21ed1af86e01ff53c9ef3c2465922c4497fc6ce0454b0ad443858e3afa07f321ca6517feaf7922b64bbbc3450e38d409e48ee11a0d3d4564828f7415abc3a
Static task: static1
Behavioral task: behavioral1
  Sample: 8c2570eb50280bce1adb969e1f356c60a74e761c561e312747f485cbc1c9840b.exe
  Resource: win7-20220331-en
Behavioral task: behavioral2
  Sample: 8c2570eb50280bce1adb969e1f356c60a74e761c561e312747f485cbc1c9840b.exe
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 8c2570eb50280bce1adb969e1f356c60a74e761c561e312747f485cbc1c9840b (the same 1.1MB sample; MD5, SHA1, SHA256 and SHA512 as listed under General)
Meta Stealer (stealer)
Meta Stealer is an information stealer written in C++ that harvests passwords stored in browsers.
RedLine
RedLine Stealer is a malware family written in C#, first seen in early 2020.
RedLine Payload
Checks installed software on the system
Looks up entries under the registry Uninstall key to enumerate the software installed on the system.
Looks up external IP address via web service
Uses a legitimate IP lookup service to discover the infected system's external IP address.
Suspicious use of SetThreadContext
Calling SetThreadContext on a thread that belongs to another process is a common step in process hollowing and other thread-hijacking injection techniques; the same API used within a process's own threads is ordinary.
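As an added example (not part of the sandbox report and not the sandbox's own signature engine), the Python below matches the three behavioural signatures above against a constructed API/registry trace. The trace format, the specific API names, the list of IP-lookup hosts and the pid-based correlation are all assumptions made for this illustration. It also goes one step beyond the report: the process_hollowing_pattern rule generalises the SetThreadContext signature to the create-suspended, WriteProcessMemory, SetThreadContext sequence that characterises process hollowing.

```python
"""Behavioural-signature matcher over API/registry trace lines.

Added illustration, not the sandbox's signature engine.  Trace format is
invented for it: one event per line, "<caller-pid> <api> <argument>".
Three rules mirror the report's signatures; process_hollowing_pattern is a
generalisation of the SetThreadContext rule.
"""
import re
from collections import defaultdict
from urllib.parse import urlparse

# Registry path whose subkeys list installed software (Add/Remove Programs).
UNINSTALL_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall".lower()

# Legitimate IP-lookup services stealers query for the victim's public IP.
# Hand-picked for the example; extend for production use.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "ip-api.com", "icanhazip.com",
    "checkip.dyndns.org", "ifconfig.me", "api.ip.sb",
}

LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\S+)\s*(?P<arg>.*)$")

# Constructed trace: pid 1234 mimics the report's sample; pid 9999 is a
# benign-looking control that must not fire any rule.
TRACE = r"""
1234 RegOpenKeyExW    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1234 RegEnumKeyExW    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1234 RegQueryValueExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
1234 InternetOpenUrlW https://api.ipify.org/
1234 CreateProcessW   C:\Windows\System32\svchost.exe flags=CREATE_SUSPENDED pid=5678
1234 WriteProcessMemory pid=5678
1234 SetThreadContext pid=5678
1234 ResumeThread     pid=5678
9999 RegQueryValueExW HKCU\Software\Example\Setting
9999 InternetOpenUrlW https://www.example.com/update.xml
9999 SetThreadContext pid=9999
"""


def parse_trace(text):
    """Parse trace text into (pid, api, arg) tuples; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"malformed trace line: {line!r}")
        events.append((int(m["pid"]), m["api"], m["arg"].strip()))
    return events


def _target_pid(arg):
    """Extract the 'pid=N' operand an API call was aimed at, if any."""
    m = re.search(r"\bpid=(\d+)", arg)
    return int(m.group(1)) if m else None


def _host_of(arg):
    """Hostname from a URL, or the bare host if the argument is not a URL."""
    parsed = urlparse(arg)
    host = parsed.hostname or parsed.path.split("/")[0]
    return host.lower() if host else None


def match_signatures(events):
    """Return {pid: sorted signature names} for each process that fired a rule."""
    hits = defaultdict(set)
    enumerated = defaultdict(int)   # pid -> Uninstall subkeys enumerated
    suspended = defaultdict(set)    # creator pid -> children created suspended
    written = defaultdict(set)      # writer pid -> remote pids written into

    for pid, api, arg in events:
        if api.startswith("Reg") and UNINSTALL_KEY in arg.lower():
            # Merely opening the key is common; enumerating subkeys is the tell.
            if api.startswith("RegEnumKey"):
                enumerated[pid] += 1
            if enumerated[pid]:
                hits[pid].add("checks_installed_software")
        elif api in ("InternetOpenUrlW", "URLDownloadToFileW", "WinHttpConnect"):
            if _host_of(arg) in IP_LOOKUP_HOSTS:
                hits[pid].add("looks_up_external_ip")
        elif api.startswith("CreateProcess") and "CREATE_SUSPENDED" in arg:
            child = _target_pid(arg)
            if child is not None:
                suspended[pid].add(child)
        elif api == "WriteProcessMemory":
            target = _target_pid(arg)
            if target is not None and target != pid:
                written[pid].add(target)
        elif api == "SetThreadContext":
            target = _target_pid(arg)
            # Own-process context changes are ordinary; cross-process ones are not.
            if target is not None and target != pid:
                hits[pid].add("suspicious_setthreadcontext")
                if target in suspended[pid] and target in written[pid]:
                    hits[pid].add("process_hollowing_pattern")
    return {pid: sorted(sigs) for pid, sigs in hits.items()}


if __name__ == "__main__":
    for pid, sigs in match_signatures(parse_trace(TRACE)).items():
        print(pid, ", ".join(sigs))
```

Run stand-alone it reports pid 1234 with all four rules and nothing for pid 9999. The Uninstall rule deliberately waits for a RegEnumKeyEx rather than firing on RegOpenKeyEx, since many legitimate installers open that key without walking it.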