General
- Target: e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228
- Size: 1.2MB
- Sample: 240425-e5211afc78
- MD5: 2cf5d69da271a679e8aa11c6fd68bcbc
- SHA1: 592e89ba9a032d875c9955e3c80e9d852f0bc704
- SHA256: e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228
- SHA512: b1fe414b8e9d1c7c56c5265a3c1386f9dd37c97af64a65f7a04e9460bbdae8d8143d84090392bb0bd51f053b1e3b21ca20b3c9953844de542059408eb9f2e929
- SSDEEP: 24576:0jqhS297HFlZVrmEP33ZaogYUspWkRR5sC96E4:0WTFlZVrmEZikyw

Static task: static1
Behavioral task: behavioral1
- Sample: e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe
- Resource: win7-20231129-en
Malware Config
Targets
- Target: e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228
- Size: 1.2MB
- MD5: 2cf5d69da271a679e8aa11c6fd68bcbc
- SHA1: 592e89ba9a032d875c9955e3c80e9d852f0bc704
- SHA256: e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228
- SHA512: b1fe414b8e9d1c7c56c5265a3c1386f9dd37c97af64a65f7a04e9460bbdae8d8143d84090392bb0bd51f053b1e3b21ca20b3c9953844de542059408eb9f2e929
- SSDEEP: 24576:0jqhS297HFlZVrmEP33ZaogYUspWkRR5sC96E4:0WTFlZVrmEZikyw
- Detect ZGRat V1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext