General
Target: f73000915c05e496a9b7e1d21c109c0ef326fe9b20a7b6ac9ee20c09ecb7d10e.exe
Size: 3.5MB
Sample: 240423-cjra9sbe8x
MD5: 190b0ac75df86273bee149b077568953
SHA1: 9165381865ee452f50ee4cd33a9e18ec27c72b37
SHA256: f73000915c05e496a9b7e1d21c109c0ef326fe9b20a7b6ac9ee20c09ecb7d10e
SHA512: 22ea9c61de288b7d5192fcde981e1960307404c1b042cfcbcfcd2fae6d8a133c1be6d634452ee24b78186901eec2772c8d082127b175f38b8c6a7b9b0c379f4e
SSDEEP: 98304:StMGmkkPTtxYwM6meiKt38llaR+bDBpWxi9RL4Qs:StQkUT8Kt3OhTWA9RL4V
Behavioral task: behavioral1
Sample: f73000915c05e496a9b7e1d21c109c0ef326fe9b20a7b6ac9ee20c09ecb7d10e.exe
Resource: win7-20240215-en

Behavioral task: behavioral2
Sample: f73000915c05e496a9b7e1d21c109c0ef326fe9b20a7b6ac9ee20c09ecb7d10e.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted family: redline
Botnet: 123
C2: 193.233.132.169:37732
Targets
Target: f73000915c05e496a9b7e1d21c109c0ef326fe9b20a7b6ac9ee20c09ecb7d10e.exe
- Detect ZGRat V1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Detects executables packed with Dotfuscator
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext