General
Target: https://download2289.mediafire.com/a039mkl8sqygQd2scBRj1y253dMu3zlOOL1Yher18oNWa0vNbZJdLqgGHdBlf7jzaHj2tqZS_Br2bUBn10Ern6TmhCWWUYHDVlNlhInysL6-kJW58wDAriaSFaC6JXNybjNoJxGivCJiZK7tVqQ6bVHSFmxRyeeF22LKF3SSSeDnmQ/3wt1kwrom7pemyu/Dexter.zip
Sample: 240408-wcp96sad9s
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://download2289.mediafire.com/a039mkl8sqygQd2scBRj1y253dMu3zlOOL1Yher18oNWa0vNbZJdLqgGHdBlf7jzaHj2tqZS_Br2bUBn10Ern6TmhCWWUYHDVlNlhInysL6-kJW58wDAriaSFaC6JXNybjNoJxGivCJiZK7tVqQ6bVHSFmxRyeeF22LKF3SSSeDnmQ/3wt1kwrom7pemyu/Dexter.zip
Resource: win10-20240404-en
Malware Config
Extracted
redline: 45.15.156.142:33597
Targets
Target: https://download2289.mediafire.com/a039mkl8sqygQd2scBRj1y253dMu3zlOOL1Yher18oNWa0vNbZJdLqgGHdBlf7jzaHj2tqZS_Br2bUBn10Ern6TmhCWWUYHDVlNlhInysL6-kJW58wDAriaSFaC6JXNybjNoJxGivCJiZK7tVqQ6bVHSFmxRyeeF22LKF3SSSeDnmQ/3wt1kwrom7pemyu/Dexter.zip
- Detect ZGRat V1
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.