General
Target: EngineChromium.msi
Size: 34.3MB
Sample: 240426-msdrmsef83
MD5: a74cc7b62eaed6394bdc89f8ae24ae45
SHA1: c0bc2eb10ef1e9891a5f1587cf180a67ac3a72a6
SHA256: 5a7757d1d3fb70c2e261e3e3a14a6c79d0451b3bd67b262059ca001f9c48b308
SHA512: a8962c92d0ea8e24f3a98e6fd01c3eedf708dcd4ff54724cd7a4e35d673ccae3f21c1094834ae44486ad785f8905dc975fd31093cf9454f34a0eb85b5331ca9f
SSDEEP: 786432:CUz141w/2wmggH4vdjpi6TeQHnjAGVRZ4U2XCUydEB6msg:CUZjXmggOdov8nkGVeXCUIEWg
Static task: static1
Behavioral task: behavioral1 (sample EngineChromium.msi, resource win7-20240419-en)
Behavioral task: behavioral2 (sample EngineChromium.msi, resource win10-20240404-en)
Behavioral task: behavioral3 (sample EngineChromium.msi, resource win10v2004-20240419-en)
Behavioral task: behavioral4 (sample EngineChromium.msi, resource win11-20240419-en)
Malware Config
Extracted: redline; newhope2; 91.92.246.148:3362
Targets
Target: EngineChromium.msi (same file and hashes as listed under General)
- Detect ZGRat V1
- PureLog Stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Modifies file permissions
- Adds Run key to start application
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext