General
-
Target
GhazisMyotonia.exe
-
Size
538KB
-
Sample
240410-rnzkrsea3x
-
MD5
ce3ef591c491d85bd66a71a172b35338
-
SHA1
eee8ef55e6a963db7d22901c6538e53a00ebf5f6
-
SHA256
0a57f9fb4ca1c5d24acefa4a73d2bc3c27b68020a7aa8ccf3c70a78563d90eed
-
SHA512
1e3166a2493112f2271439f1d234acddf67ad45d3c5cc632f1649e96eeb2f5783569406be06b32cc91a46e9cd6e31bd5efadbc7fdb113b96477c1e824b8031e9
-
SSDEEP
12288:xVqXp1DaoptSbgyk3337vBpE65aQnU5T:xVqHak0KvBpHaQY
Static task
static1
Behavioral task
behavioral1
Sample
GhazisMyotonia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
GhazisMyotonia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
GhazisMyotonia.exe
-
Size
538KB
-
MD5
ce3ef591c491d85bd66a71a172b35338
-
SHA1
eee8ef55e6a963db7d22901c6538e53a00ebf5f6
-
SHA256
0a57f9fb4ca1c5d24acefa4a73d2bc3c27b68020a7aa8ccf3c70a78563d90eed
-
SHA512
1e3166a2493112f2271439f1d234acddf67ad45d3c5cc632f1649e96eeb2f5783569406be06b32cc91a46e9cd6e31bd5efadbc7fdb113b96477c1e824b8031e9
-
SSDEEP
12288:xVqXp1DaoptSbgyk3337vBpE65aQnU5T:xVqHak0KvBpHaQY
Score 10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-