General
Target: Aquantia_Setup 2.11.exe
Size: 1.2MB
Sample: 240425-e1sa1afd4y
MD5: 6180f42d09cec34c076ae49d00df801d
SHA1: 4ef3f5b0e891687501e97cbc92f2951475ad253e
SHA256: 8334ad3ab7e3345c268e6f2575f4de76ad6b303b5adab68abca11037f9ba274f
SHA512: c96945d3f06e25bea06cd56e07fec26700efb5a7d1a2980db84275d92cd54257b950ca5a4421e7310028074ba5bec79de7d5588afbbbdb26cf7a76e64a156305
SSDEEP: 24576:jBqZzXSQdong2RZo8589viImLWcUoTaXU24P:dovong2RZo85803nWk/P
Static task: static1
Behavioral task: behavioral1
Sample: Aquantia_Setup 2.11.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: Aquantia_Setup 2.11.exe
- Detect ZGRat V1
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext