General
-
Target
Synapse X.exe
-
Size
848KB
-
Sample
230323-ha1fgaea77
-
MD5
a5dfbf441b79794d6caa15c04e3443ab
-
SHA1
9eb92dd41e6b5cfb983602d74712681a8574f536
-
SHA256
de4b6eb1a1c92ee1d618f3807d86e299d8de95a812490df359b311ec1068c897
-
SHA512
f509f4a32580584c5f58246ff38fa5ea27db19293f5463e827e0027028480843cd882717dcd6be5c783c7b8748a1c8424283ac98ee93bb9c56050ff59163503b
-
SSDEEP
12288:c6H8zmJ3Tj2p+CTNcWjdh+k+Td59DQfBwL2jvgf+EJ9/+MytJ5:D2mQ+Td59DMBwc60Tt
Static task
static1
Behavioral task
behavioral1
Sample
Synapse X.exe
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
Synapse X.exe
Resource
win7-20230220-en
Behavioral task
behavioral3
Sample
Synapse X.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
gaming
authonomy.top:12767
Targets
-
-
Target
Synapse X.exe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-