General
- Target: AxoPac.exe
- Size: 688.4MB
- Sample: 240420-mz4lmseh24
- MD5: 15b73203f55c05d9576a297cc7a0a2d4
- SHA1: fcc97ff7492c13cccb0c818bc2bc459c1949f240
- SHA256: 7fb6a5b7bc2ae61cdd333ba7d833c1125ee5570dca7ab88b85bc705057faf0b9
- SHA512: cf2f278874c1a0693c37a723dbb086976c835b161822938f54c3ebdea6a90e9ea3c7ad69366fac54c8be1540fdb951c584ce8177df52a842f2c183e47623e814
- SSDEEP: 12288:E0TS9J5NyBZ/lY6RdM2hkGQb7V57pjBIl70VoCeU:hS9zNF6RK6QfV57pNk7hRU
Tasks
- Static task: static1
- Behavioral task: behavioral1 (Sample: AxoPac.exe; Resource: win7-20240221-en)
- Behavioral task: behavioral2 (Sample: AxoPac.exe; Resource: win10v2004-20240226-en)
Malware Config
Targets
- Target: AxoPac.exe
- Size: 688.4MB
- MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above
Score: 10/10
Signatures
- Detect ZGRat V1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext