General
Target: Apocalypse-beta 0.25.rar
Size: 1.2MB
Sample: 221201-qg979aeg3z
MD5: 370403f360bc7d156a61d98f0f1a8312
SHA1: 17d399f79d34b179e206ea763af4a8f5c69cc1f1
SHA256: 0dbe2f4c9fb1df2da8f350a6b100051a9870c507893306e438a5043440515cf3
SHA512: b29a07dd1ef799d0ac2215a3b9cfb4684f1477fed28a79d07620c4a52d166dc4c2b5b145e35576944f0b8e367474f846e5cfcdefeef48d307865cf54f738aa35
SSDEEP: 24576:n7LKXMV7JS8fV7FDmYrSjTqOKvFoFDqS3wIZfrVHyNZDXNbyYXD:7GXU7c47FDmYrI5DqS3VB4jNND
Static task: static1
Behavioral task: behavioral1
  Sample: ALMV Launcher.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: ALMV Launcher.exe
  Resource: win10v2004-20221111-en
Behavioral task: behavioral3
  Sample: amd_ags_x64.dll
  Resource: win7-20221111-en
Behavioral task: behavioral4
  Sample: amd_ags_x64.dll
  Resource: win10v2004-20220812-en
Malware Config
Extracted
  redline
  almv
  79.137.199.206:45354
  auth_value: 76c2a356a8839fd8b4eaf48948178a8a
Targets
Target: ALMV Launcher.exe
Size: 742.6MB
MD5: 8cddcf405a72b2d981532e1d3e17699f
SHA1: f7bfb31a2c1bf54f7ef880239056b1856630d664
SHA256: 859185aee0c38ff110e5f3db1540ad2652e9169ebb96bdf4c9712687e6221371
SHA512: 0574f3d8949a8b0699559ff94ce78d186506b01e1332075d55860e0db2ee9a051e0ae9e7af2481866061d5cdc0ea2d47633c34089e16da66dd430490bb8312ca
SSDEEP: 12288:7TFXGNy0issp5HNisIMCpzXoeU7WS86Og5MGdaUjbIh9/sWr:fxbssp5H1IMCpTo+KX
Score: 10/10
Signatures:
  RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  Suspicious use of SetThreadContext
Target: amd_ags_x64.dll
Size: 41KB
MD5: 00d9c1f1485c9c965c53f1aa5448412b
SHA1: c071f40ea7f534daa4bded2b0755b7a2cd72dae5
SHA256: 298b40fb70c142cc61135a125ff6c2a2e474526b9a7045102666a9434e84f459
SHA512: 60227c729d08e958039acc8290b33cb338a414bbd6a1d9592d8188bfef07786dff8717cb7ad74d991c0c0a7476fec637d114be6a9beec2e8976dca9aad530016
SSDEEP: 768:gUbBwQVwW2Wqn4p5hjufZbVa/MECPdAqTzUVGIM/o/:guYW2gp5hExEMAqTgVGo
Score: 3/10