General
Target: 1fad6fe833e520abed8b1937ed2598091545cd8b388188ba3e702c1da0401813.exe
Size: 435KB
Sample: 240423-bhg6jaaf71
MD5: 39f127b2722cfd35f5102cad5c3528ba
SHA1: 5f27952052884953907e6a3b806f5b7f055261dd
SHA256: 1fad6fe833e520abed8b1937ed2598091545cd8b388188ba3e702c1da0401813
SHA512: 39fd2e250078cae9be975b9074b3f8eaff331e9682f73aacbf0950d4a7bb55a0c984c1d9d03710e3852b2a0a0c917a769f30871f9fc89df53d95d4c76b834ad6
SSDEEP: 12288:/r7219cp5VgRdztHiyX9Aa7Cv3FM4pIdW3pArpX:+gpPiDX9yVCdN1X
Static task: static1
Behavioral task: behavioral1
Sample: 1fad6fe833e520abed8b1937ed2598091545cd8b388188ba3e702c1da0401813.exe
Resource: win7-20231129-en
Malware Config
Targets
Target: 1fad6fe833e520abed8b1937ed2598091545cd8b388188ba3e702c1da0401813.exe (435KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Signatures
- Detect ZGRat V1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext