General
Target: Launcher_v1.21.1 Setup.exe
Size: 109KB
MD5: 37ae465d1f62fca47bd9322932c35ea6
SHA1: d5cdd916c936cea0803555270af50ef3bc1be5b2
SHA256: 12757ceb2e381bf3da18222033e24ea75dca6c221cfc758a65c40c383280f976
SHA512: 748162161737e8358d01fb8a0221d291f840c0f3b575f746394680015d646703e46da6eecec234580df88221752d1ea96d43d50b21d98838f6f5e210a5011584
SSDEEP: 1536:AAcbDr5JpAmS4lZyNRxCuCL+22Q4c3P9pdKU5GNby+xXmflMXps6P:AT7j+22QDhFKyoWiO6P
Malware Config
Extracted
redline
5195552529
https://pastebin.com/raw/NgsUAPya
Signatures
RedLine payload (1 IoCs)
resource: sample, yara_rule: family_redline
Redline family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: Launcher_v1.21.1 Setup.exe
Files
Launcher_v1.21.1 Setup.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ