General
-
Target
Acordx_Crypter.zip
-
Size
56.9MB
-
Sample
230228-vkzm5scd35
Static task
static1
Behavioral task
behavioral1
Sample
Acordx Crypter/Acordx.exe
Resource
win10v2004-20230221-en
Behavioral task
behavioral2
Sample
Acordx Crypter/Crack.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
Acordx Crypter/Get all rats & cracked tools.url
Resource
win10v2004-20230220-en
Behavioral task
behavioral4
Sample
Acordx Crypter/Guna.UI.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
cheat
54.186.174.253:35361
Extracted
xworm
decision-at.at.ply.gg:18084
-
install_file
svhost.exe
Targets
-
-
Target
Acordx Crypter/Acordx.exe
-
Size
1.2MB
Score
3/10
-
-
Target
Acordx Crypter/Crack.exe
-
Size
55.4MB
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
Acordx Crypter/Get all rats & cracked tools.url
-
Size
124B
Score
1/10
-
-
Target
Acordx Crypter/Guna.UI.dll
-
Size
1.1MB
Score
1/10