Overview

overview

10

Static

static

10

Micetopia/rungame.exe

windows7-x64

10

Micetopia/rungame.exe

windows10-2004-x64

10

Resubmissions

04-01-2023 00:10

230104-af5ndadc88 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Micetopia.zip

  • Size

    4.6MB

  • Sample

    230104-af5ndadc88

  • MD5

    72d21dd15caacf571de32d6fbbea9788

  • SHA1

    e4cd2b74f73464e9fe5bb81be9607753a12785ae

  • SHA256

    c6ba6e0c56909cea5c8b8c1ece68a17db773110c47fa5e3e88a809218596bdce

  • SHA512

    bd1dd2e4dff3c56298e0ba2a25040d1da99f1b44e1d1c3f0b1329ff965e4488ac3d0063239fb1679e8f7a4aa3eb40c3e49e72b946c5580dc3a6fc28d7018a9a3

  • SSDEEP

    98304:vjQlhYAC+O2K3EEgQG5lLHy06X+VakwQZt3CmC4q9i3n0glHn:x+fCP43Hy9gZt3Kw35lHn

Score
10/10
redline1086881322_99infostealerspyware

Malware Config

Extracted

Family

redline

Botnet

1086881322_99

C2

themocca.xyz:3306

themocca.xyz:28786
Attributes
  • auth_value

    c7b4b3ad5c912786e8dea8b34a307b0d

Targets

    • Target

      Micetopia/rungame.exe

    • Size

      752.5MB

    • MD5

      5a0474481175e6c7b09bc00b6850bd0d

    • SHA1

      6f8b6c6d94ff99ee259656d17d02107721677a56

    • SHA256

      d9c3952bdeb57e5a7378bb0c97cbf99584e27259c85119e4f2d838746cae2d19

    • SHA512

      9cd140be34ea4ee0eca2ee998e664f53d5e2eab890bd8a7bcea7e9a5134bd666475ad595c7d52eb2e2f72623c5901bc6ec6b26e22955dad7dda52518dceef8bf

    • SSDEEP

      6144:IT6GN8vB8kFDIozpRaV9iktC0KRDyAeP9EBOLrRCOSs9Tdl5ofgfwLoshP+Q3KEv:I4Pa0OH9rWyBw+Tk1qU17Nfn80r+Ga6

    Score
    10/10
    redline1086881322_99infostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks