General
-
Target
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1.exe
-
Size
3.9MB
-
Sample
240423-b4eyasbc4x
-
MD5
3c244fae9cb5bb37d4410f4c9d6fe90a
-
SHA1
3e03a9e42b537b793770c4205db7f4bac7ec6561
-
SHA256
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1
-
SHA512
9408a67b96ac32f8c767b5a8febe6c89a1c75ee8666de237e806ac4f61a0895bc468be70d4f19b4da26823226052cbb7d9e0a654311772db630d0afe4bd26de7
-
SSDEEP
49152:MIF8M31NQDgRmeebiQ07intlAEE3sQIcvw4AAVbmVeXQE4aZ+G9/FBiyu7vBHvpT:5lPY/HrAEE3sxfpAV/XQExHULR9RL4Qx
Behavioral task
behavioral1
Sample
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1.exe
-
Size
3.9MB
-
MD5
3c244fae9cb5bb37d4410f4c9d6fe90a
-
SHA1
3e03a9e42b537b793770c4205db7f4bac7ec6561
-
SHA256
af60eec4fcc826168f9bb7f849bc24b9c67bc9367126c20b8a80d6b0e1c416c1
-
SHA512
9408a67b96ac32f8c767b5a8febe6c89a1c75ee8666de237e806ac4f61a0895bc468be70d4f19b4da26823226052cbb7d9e0a654311772db630d0afe4bd26de7
-
SSDEEP
49152:MIF8M31NQDgRmeebiQ07intlAEE3sQIcvw4AAVbmVeXQE4aZ+G9/FBiyu7vBHvpT:5lPY/HrAEE3sxfpAV/XQExHULR9RL4Qx
Score10/10-
Detect ZGRat V1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Detects executables packed with Dotfuscator
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-