General
-
Target
neverlose_cr.rar
-
Size
644KB
-
Sample
240125-s28ahaagfn
-
MD5
30df88d0a67c5c4da32f4241cebe385d
-
SHA1
13414f6d93e80e73d4ef2f7be3b5ea98f9784a23
-
SHA256
b324c53ae8b37753405563df1e4a0375758c9b9c2d9368ad807a6e8cda957c6a
-
SHA512
92563d9362f1795b454d87d4c2bfd1dcff56dc3e367060ab4fbdf2739f245e31584ba6547f561fe5c494ad7bd150feab2c15c145f67bcee0c90c1917e0273bb0
-
SSDEEP
12288:LaWY1XaC1izww0BfZ2KlTfbTHghYmy4rcqpqMklQX9TQBJuhc0:S1qCczEBfZ2KlTHaYsuqSJuq0
Static task
static1
Behavioral task
behavioral1
Sample
nlinjector.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
nlinjector.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
nvrls_build.dll
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
nvrls_build.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral5
Sample
readme.txt
Resource
win7-20231215-en
Malware Config
Extracted
redline
@asasasassasassassas
45.15.156.167:80
Targets
-
Target
nlinjector.exe
-
Size
733KB
-
MD5
16b814f5d97faeb7f388fa00626a6f5d
-
SHA1
f1ddab5c0553bcad26056d64e3037e7c5bc7391c
-
SHA256
c4dd5514c42110629dee90c23c5ec4186da39140dc23a952a57085687d6c6a71
-
SHA512
f811e92f263db7dba10b107d693e0c64afda509b8c9573f826b2931475dea91675e735bc4f60837b932782fedc2dabad5f31fe6533fec8c3dca24b1ec29504b3
-
SSDEEP
12288:Rh18k70TnvjcUxhzQKo6VxgCgxa5yT2owiJh2:uk70TrcUJfVxScyT2oweh
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Suspicious use of SetThreadContext
-
Target
nvrls_build.dll
-
Size
483KB
-
MD5
638ca280bdafef22e9a93651cdcebf03
-
SHA1
1241eaba9b312fbc10c3fe4e3026de96ca46f958
-
SHA256
7b6a2db2e2b6d3b306754dbf6df7fb714aa53eefabf34d90ea4fb4484a31a596
-
SHA512
70d661b39a5ae7b84a97d8ecac2b3bdb3495bd96f16fe6c0563a4861eb38b67fe571cb43b7976806c73b930330f1139bc3c30d3e110dd21fa2563cad6a9b830c
-
SSDEEP
6144:k7zuPxGDdDpMYoCc4frmAtG6jAxSiRzKOOGNUlwoZlSbX2Oq0cW0nYjCSNxyCi5l:k7IgdDpz24fzGO+55zzVH0nZCS
-
Target
readme.txt
-
Size
559B
-
MD5
38c00bafca1039eedfab0fb4a0ee5428
-
SHA1
1af7bb5aef4038097aebe3c8c678ba98326d0af2
-
SHA256
d273195333cad57c9b94956ec678277872ab38f84d12f38d6305a635f487cd2d
-
SHA512
488a42c12c0e4fc8da3cce482af29546043c54298dea3ef2394dd61c29638c471baf47c4e287c36e940e4039b42cd30ce6842d781edcc4208266395b874a295f
-