General
Target: Metamask Seed Generator.zip
Size: 603KB
Sample: 220720-k98x1aedbm
MD5: ef63d113bb78f3203efc013974a9e77d
SHA1: a7b53308b7a5092497753accfad96991310534a6
SHA256: 87ac9e36b05f3d8001e92f640029350be8b8065ab72dca19b6e509caa13d68c3
SHA512: 8de7c5332342f90fbd3719a7d95cecebd84c62284fc5ab92ddd23c02008a78d7d4a01d442f2f92c66d1f5f3c081dd996c2c27c98670775cc7febd304ba668064
Static task: static1
Behavioral task: behavioral1
Sample: Metamask Seed Generator.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: Metamask Seed Generator.exe
Resource: win10-20220718-en
Behavioral task: behavioral3
Sample: Metamask Seed Generator.exe
Resource: win10v2004-20220718-en
Behavioral task: behavioral4
Sample: Metamask Seed Generator.exe
Resource: win11-20220223-en
Malware Config
Extracted: redline
Youtube
tecnotrendgame.ddns.net:62099
Targets
Target: Metamask Seed Generator.exe
Size: 590KB
MD5: e883f34b766540694ea524e1f8be3958
SHA1: e4bc2c5cd58e2ecf9ec30768558baf29f73690d7
SHA256: 8fa48d81788bbd2b1ad77fbb615a5cd3084ed94badc0b9f58797c6b09bd251be
SHA512: c046217c5f688eec693b4e5c91d5871c8b78887aa4a9f087a7469ae83b01169ecf3c17244b19f6b2e5d3e1aa231e6c164303bbdd9bb3723addbc0b5f86c95a17
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext